urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-...
Submission: On December 15 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 8 countries across 84 domains to perform 434 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 93127.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
15 142.251.10.132 15169 (GOOGLE)
1 6 64.120.88.131 133752 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
19 104.26.3.91 13335 (CLOUDFLAR...)
17 92 74.125.24.155 15169 (GOOGLE)
2 69.16.175.10 20446 (STACKPATH...)
2 142.251.12.97 15169 (GOOGLE)
3 172.253.118.113 15169 (GOOGLE)
6 74.125.200.154 15169 (GOOGLE)
1 142.250.4.94 15169 (GOOGLE)
2 74.125.68.155 15169 (GOOGLE)
8 142.251.10.154 15169 (GOOGLE)
8 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
25 142.250.4.132 15169 (GOOGLE)
6 172.253.118.155 15169 (GOOGLE)
30 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
1 3 103.229.10.247 16509 (AMAZON-02)
2 104.17.25.14 13335 (CLOUDFLAR...)
6 142.250.4.105 15169 (GOOGLE)
14 182.161.73.135 55569 (CRITEO-AS...)
5 182.161.73.142 55569 (CRITEO-AS...)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 35.213.117.18 15169 (GOOGLE)
3 14 34.98.64.218 396982 (GOOGLE-CL...)
1 52.34.94.5 16509 (AMAZON-02)
3 54.199.70.238 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
10 54.78.50.52 16509 (AMAZON-02)
2 3 145.40.88.5 54825 (PACKET)
2 104.18.33.19 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 23.195.153.54 16625 (AKAMAI-AS)
1 13.213.230.90 16509 (AMAZON-02)
6 10 104.254.151.68 29990 (ASN-APPNEX)
3 51.79.234.100 16276 (OVH)
1 13.33.33.118 16509 (AMAZON-02)
1 3.233.146.116 14618 (AMAZON-AES)
1 69.173.158.67 26667 (RUBICONPR...)
1 2 146.20.132.134 27357 (RACKSPACE)
3 14 139.5.84.243 27381 (CASALE-MEDIA)
2 142.251.12.149 15169 (GOOGLE)
10 23.66.150.27 16625 (AKAMAI-AS)
3 3 35.230.38.116 396982 (GOOGLE-CL...)
11 12 15.197.193.217 16509 (AMAZON-02)
2 34.96.105.8 396982 (GOOGLE-CL...)
3 3 54.237.254.37 14618 (AMAZON-AES)
4 6 213.180.193.90 13238 (YANDEX)
1 74.125.24.157 15169 (GOOGLE)
8 11 69.173.158.64 26667 (RUBICONPR...)
4 7 209.54.182.161 16509 (AMAZON-02)
2 3 67.220.226.234 16509 (AMAZON-02)
2 3 13.107.42.14 8068 (MICROSOFT...)
2 5 18.141.134.197 16509 (AMAZON-02)
3 182.161.73.136 55569 (CRITEO-AS...)
3 9 35.71.178.8 16509 (AMAZON-02)
10 23.195.152.23 16625 (AKAMAI-AS)
2 104.18.36.94 13335 (CLOUDFLAR...)
1 13.226.228.27 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
2 2 50.116.239.135 6336 (TURN-US-ASN)
3 3 124.146.215.43 2514 (INFOSPHER...)
2 2 13.33.88.71 16509 (AMAZON-02)
1 6 172.64.154.237 13335 (CLOUDFLAR...)
3 3 2.20.137.181 16625 (AKAMAI-AS)
2 2 198.8.71.131 ()
4 23.72.44.196 16625 (AKAMAI-AS)
5 5 103.229.205.243 30419 (MEDIAMATH...)
2 2 54.169.105.18 16509 (AMAZON-02)
1 1 182.161.73.146 55569 (CRITEO-AS...)
1 2 35.213.12.39 15169 (GOOGLE)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
1 204.79.197.200 8068 (MICROSOFT...)
1 54.65.93.189 16509 (AMAZON-02)
5 23.106.127.39 59253 (LEASEWEB-...)
1 13.33.88.40 16509 (AMAZON-02)
2 2 209.191.163.208 14744 (INTERNAP-...)
1 103.231.98.197 ()
5 5 52.74.13.196 16509 (AMAZON-02)
2 2 23.106.69.72 59253 (LEASEWEB-...)
2 2 104.254.151.36 29990 (ASN-APPNEX)
2 2 13.230.79.199 16509 (AMAZON-02)
5 5 151.101.66.49 54113 (FASTLY)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 103.231.98.196 62713 (AS-PUBMATIC)
1 1 18.139.240.219 16509 (AMAZON-02)
1 1 162.254.186.187 33695 (SCALEMATRIX)
1 1 52.0.191.77 ()
11 54.238.120.71 ()
1 1 74.214.196.131 ()
1 34.239.231.199 ()
8 103.231.98.194 ()
1 1 18.138.18.111 ()
1 2 52.74.234.58 ()
434 80
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
15    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
c8e67fa21fc86956c5c5564acead229c.safeframe.googlesyndication.com
e8625a77c4ea8936e6ed44868ba5229b.safeframe.googlesyndication.com
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
6    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
ads.aralego.com
sync.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
19    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
92    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adservice.google.co.nz
cm.g.doubleclick.net
googleads4.g.doubleclick.net
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
3    172.253.118.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f113.1e100.net
www.google-analytics.com
6    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
adservice.google.com
1    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
d-36560746754094502396.ampproject.net
2    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
partner.googleadservices.com
8    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
googleads.g.doubleclick.net
8    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
25    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
6    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
www.googletagservices.com
30    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
3    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    142.250.4.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f105.1e100.net
www.google.com
14    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
5    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
14    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    52.34.94.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-94-5.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
3    54.199.70.238 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-70-238.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    54.78.50.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    13.213.230.90 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-230-90.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
10    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
3    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
1    3.233.146.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-116.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
1    69.173.158.67 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
beacon-sin1.rubiconproject.com
2    146.20.132.134 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
14    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
s0.2mdn.net
10    23.66.150.27 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-150-27.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
12    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    54.237.254.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-254-37.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    213.180.193.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
securepubads.g.doubleclick.net
11    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
7    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    18.141.134.197 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-134-197.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
10    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
cs.media.net
2    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    13.226.228.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-228-27.lax50.r.cloudfront.net
public.servenobid.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.33.88.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net
cr-p3.ladsp.com
6    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    2.20.137.181 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-137-181.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
4    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    54.169.105.18 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-105-18.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    54.65.93.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-93-189.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
5    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1    13.33.88.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-40.sin2.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
2    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
1    103.231.98.197 (None, )

ASN- ()
image8.pubmatic.com
5    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
2    13.230.79.199 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-79-199.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
5    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    18.139.240.219 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-240-219.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    162.254.186.187 (Escondido, United States)

ASN33695 (SCALEMATRIX, US)
PTR: www.abcbymebath.com
demand.trafficroots.com
1    52.0.191.77 (None, )

ASN- ()
a.audrte.com
11    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    34.239.231.199 (None, )

ASN- ()
cs.emxdgt.com
8    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
2    52.74.234.58 (None, )

ASN- ()
sync.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
68 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
c8e67fa21fc86956c5c5564acead229c.safeframe.googlesyndication.com
e8625a77c4ea8936e6ed44868ba5229b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
620 KB
58 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
570 KB
49 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
pix.as.criteo.net — Cisco Umbrella Rank: 14332
csm.as.criteo.net — Cisco Umbrella Rank: 13902
622 KB
29 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 885
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
beacon-sin1.rubiconproject.com — Cisco Umbrella Rank: 14126
eus.rubiconproject.com — Cisco Umbrella Rank: 547
pixel.rubiconproject.com — Cisco Umbrella Rank: 321
token.rubiconproject.com — Cisco Umbrella Rank: 551
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 860
pixel-us-east.rubiconproject.com Failed
71 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413
dsum.casalemedia.com — Cisco Umbrella Rank: 1329
21 KB
20 bg3.co
www.bg3.co — Cisco Umbrella Rank: 93127
static.bg3.co
15 KB
14 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 470
image8.pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 680
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com Failed
36 KB
14 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13981
us-u.openx.net — Cisco Umbrella Rank: 395
u.openx.net — Cisco Umbrella Rank: 667
jp-u.openx.net — Cisco Umbrella Rank: 9869
3 KB
14 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 17481
ads.as.criteo.com — Cisco Umbrella Rank: 13683
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14299
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 399
dis.criteo.com — Cisco Umbrella Rank: 700
139 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15653
e3.adpushup.com — Cisco Umbrella Rank: 17140
campaign.adpushup.com — Cisco Umbrella Rank: 29138
237 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 430
29 KB
12 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1310
usersync.gumgum.com
4 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
7 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
5 KB
11 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1589
public.servenobid.com — Cisco Umbrella Rank: 3212
8 KB
11 media.net
prebid.media.net — Cisco Umbrella Rank: 1130
contextual.media.net — Cisco Umbrella Rank: 553
cs.media.net — Cisco Umbrella Rank: 1345
17 KB
10 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
4 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 276
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090
7 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 501
eb2.3lift.com — Cisco Umbrella Rank: 350
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
218 KB
6 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3995
1 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
281 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27461
sync.aralego.com — Cisco Umbrella Rank: 3093
4 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
1 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 803
rtb-csync.smartadserver.com
3 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
3 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 135022
1 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 10668
47 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 917
3 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 727
2 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
1 KB
3 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 853
x.bidswitch.net — Cisco Umbrella Rank: 290
863 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 915
pixel.quantserve.com — Cisco Umbrella Rank: 655
cms.quantserve.com — Cisco Umbrella Rank: 644
11 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
510 B
2 crwdcntrl.net
sync.crwdcntrl.net
854 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 476
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 998
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 604
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 491
501 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 718
2 KB
2 rfihub.com
p.rfihub.com
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 24864
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 743
866 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1503
2 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1918
292 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 269
38 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2811
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
10 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 840
1007 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 687
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16632
10 KB
1 ambientdsp.com
cm.ambientdsp.com
652 B
1 emxdgt.com
cs.emxdgt.com
67 B
1 contextweb.com
bh.contextweb.com
663 B
1 audrte.com
a.audrte.com
655 B
1 trafficroots.com
demand.trafficroots.com — Cisco Umbrella Rank: 3568
633 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 506
255 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1541
349 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 3159
719 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 256
667 B
1 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 12730
234 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 851
633 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1403
502 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3654
517 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
2 KB
1 ampproject.net
d-36560746754094502396.ampproject.net
0 semasio.net Failed
uipglob.semasio.net Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 adform.net Failed
c1.adform.net Failed
0 zemanta.com Failed
b1sync.zemanta.com — Cisco Umbrella Rank: 560 Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
434 84
Domain Requested by
38 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
googleads.g.doubleclick.net
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
33 cm.g.doubleclick.net 17 redirects googleads.g.doubleclick.net
www.bg3.co
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
g2.gumgum.com
30 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
www.bg3.co
25 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
19 static.bg3.co www.bg3.co
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 pix.as.criteo.net ads.as.criteo.com
13 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
www.googletagservices.com
12 match.adsrvr.org 11 redirects cdn.adpushup.com
11 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
10 eus.rubiconproject.com www.bg3.co
eus.rubiconproject.com
cdn.adpushup.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
10 ib.adnxs.com 6 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
8 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
8 e3.adpushup.com www.bg3.co
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
7 s.amazon-adsystem.com 4 redirects www.bg3.co
eb2.3lift.com
ssum-sec.casalemedia.com
7 pixel.rubiconproject.com 4 redirects www.bg3.co
7 us-u.openx.net 3 redirects googleads.g.doubleclick.net
u.openx.net
6 an.yandex.ru 4 redirects www.bg3.co
6 www.google.com tpc.googlesyndication.com
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
6 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
www.bg3.co
6 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 simage2.pubmatic.com ads.pubmatic.com
5 sync-tm.everesttech.net 5 redirects
5 ups.analytics.yahoo.com 5 redirects
5 sync.mathtag.com 5 redirects
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 csm.as.criteo.net ads.as.criteo.com
5 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 rtb-csync.smartadserver.com ssbsync.smartadserver.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.bg3.co
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 image2.pubmatic.com ads.pubmatic.com
3 secure-assets.rubiconproject.com 3 redirects
3 tg.socdm.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 sync.srv.stackadapt.com 3 redirects
3 um.simpli.fi 3 redirects
3 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 prebid.a-mo.net 2 redirects cdn.adpushup.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 ads.as.criteo.com googleads.g.doubleclick.net
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 match.prod.bidr.io 2 redirects
2 secure.adnxs.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 ap.lijit.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 x.bidswitch.net 1 redirects contextual.media.net
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 ad.turn.com 2 redirects
2 tr.blismedia.com 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
2 s0.2mdn.net www.bg3.co
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 htlb.casalemedia.com cdn.adpushup.com
2 cdnjs.cloudflare.com ads.as.criteo.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 cm.ambientdsp.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 a.audrte.com 1 redirects
1 cms.quantserve.com 1 redirects
1 demand.trafficroots.com 1 redirects
1 match.sharethrough.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 image8.pubmatic.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 dis.criteo.com 1 redirects
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 beacon-sin1.rubiconproject.com www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 http-intake.logs.datadoghq.com cdn.adpushup.com
1 rules.quantcount.com secure.quantserve.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 campaign.adpushup.com www.bg3.co
1 e8625a77c4ea8936e6ed44868ba5229b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c8e67fa21fc86956c5c5564acead229c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-36560746754094502396.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 image4.pubmatic.com Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 pixel.tapad.com Failed ads.pubmatic.com
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 id5-sync.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 stags.bluekai.com Failed ssum-sec.casalemedia.com
0 cs.iqzone.com Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 c1.adform.net Failed eb2.3lift.com
0 b1sync.zemanta.com Failed contextual.media.net
g2.gumgum.com
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
g2.gumgum.com
434 135

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.logs.datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-26 -
2023-04-26		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh

This page contains 67 frames:

Primary Page: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Frame ID: BABA3E4E0261E54343FC8299BBF39013
Requests: 98 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3CFB2EB879C067435B512D93C0053046
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AB6913D033B5C5F10EBBFB0D9853B80C
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 05F1FC8ACFDCDC0CA2A06ED8DA150DEE
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 5241DA5378B29ED877C88D27BF393D0F
Requests: 9 HTTP requests in this frame

Frame: https://c8e67fa21fc86956c5c5564acead229c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 396EDC1654B5EFBFC009486CB49BC127
Requests: 1 HTTP requests in this frame

Frame: https://e8625a77c4ea8936e6ed44868ba5229b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1B1DA9F4DA81D1CEF31A0AED43512B79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
Frame ID: 6C754125E00B4A4174823F92ADB9328E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Frame ID: CF3BE7990D977DCA79ED356F510AAC78
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-15817700822710669281&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3189&oid=2&is_amp=5&amp_v=2211302304001&d_imp=1&c=39245009743&ga_cid=amp-dut39T24kJJhm5qFygioQg&ga_hid=9743&dt=1671087938648&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&bdt=4799&dtd=716&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 9A5D9244CABBCF2765AA0353FA4C8D50
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 570513806D4AAC842BF8F50E4AD5AF36
Requests: 19 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: E6C3B671CEED5EA72BC150F903B9D094
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84B54629721F70E9C2E87246A3CFB36F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1680CA9AEB33E32F44AAFEA23CF77CC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 482C38F9D35247BF7E88864960740378
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC65B58B6D816E680357E4472D5A0557
Requests: 2 HTTP requests in this frame

Frame: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 518ED6807B8952461B2070194C9BD2BC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYAT58xSh7BKYU3BmQLg3cS4suNIQb2Y-UZAQjXFKjAKKcAqxyHfluyo9W9PZBSfvDQZKZ2ycUPiayKmcs1vMwUhacKzqu8QPLE_Je9N8GgzY655gWlJn-QC025g9NC7sewEdKJYlsU4KGHegLxD0K3neZ5BgrwIGDR7gMCasogH-jgaJQNjBkonxPIUqM8Y8_fqQWCwxyc_BsyrZAWe91PDXi5V-Me179IwLWMhrvsOU0KdGAVFHdtHUvDf-zQAZGQ-pRIOCcZOkwtKWbmTSeXQKWek4EI1I_jklYifZ9LIjg8-IzNo8M6FMt&sai=AMfl-YRfaWU_vLE9EUr27NBgZhX3wT95RrJGux9-thV2atL7h3xWyaW2Xvm4q76P1AsnZUsmFAzodWm18_zCPIVFGWgYtyXfv7zxktutechPNxqXUSUxbJIAunqskxMdhx9u5A&sig=Cg0ArKJSzGu8xD6-TJ_uEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 02F389A66C74D83941271DA74E6FDAC8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARj6idzZATAB&v=APEucNVQnd5dqhlvbDX3WT2L39NAQvaooFUASWpGyM-JgkLFy3ylvfz_JYObmE9aHgMFXJ31R2O0Rg6laTvI0TwrxxVxnjYZRw
Frame ID: 31EF0D58BC90F8C685F0CE1A9AD37A71
Requests: 5 HTTP requests in this frame

Frame: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3B0C7F8CAD5691115BCB5B91898B36A6
Requests: 14 HTTP requests in this frame

Frame: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5A2F717E167DFAF8146EA265A0450E7B
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 69FE1CC7B3E46FEF0D96604DC3EDFD47
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BFE86A2E6C7048FAE2EFB51178F9B3B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63CA295319563329946F5DFCEDB3FD4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48726C601C503B7B5C51262E2E918EED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARiGtdLZATAB&v=APEucNXuVHJDOxOWnoLGoOoBOD7se-B4a622mJLZIzYPZDwG36BHJQDoqs4R7PUnvdjrJw0i90Z4zOFTu_COpSFyLxzT__yvkA
Frame ID: 4AB8274B93C552A6747FC7BF655BC129
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: A04D9D96423054ECCBBE36EA60DAE844
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 669A30665D8C5E96A5A6F3BF1F84C334
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=as&co=nz
Frame ID: 493BF0A3106998C76DA3994D2070427E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4FA0FFFA65BDD773FFEE317D8AA965AB
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 612024E63FE11F1009DF2B760F34AC98
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DC164B5364AC266EFBE2D082EFD5BA28
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 6232EA7648E4FA693CE4F240683D3BFF
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: BEB218DE1800CFD79471A5593B921E2D
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1B1E2715C10E15A59D11FB73BD2789D9
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: D40E9CF92DE9314395997CB00EA55CA4
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1671087942466
Frame ID: 77F4DEFD68C7C6829F1922F9FD1C0BE7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C2FB65A91DD5725C5CCA09D1EB6DFBD
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 425620C7E87FB574B5FDE89BC1B5825E
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F9C948E7E40A452BE3AB884862D2BC7A
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A6E0DDB37BB62FA124543A623A762E6D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 61CD1ACDE1B1EB97607197E1D6AF9461
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=rkt&refUrl=&vid=10879474343140895477445510000V10&ovsid=1974054390676905442
Frame ID: 82A41A9E86FE3D0D92B9A08DE052E307
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dpba%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3DPM_UID
Frame ID: 130CB4773F295543DA155A79A97CD0E9
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F388786379547CB68D5D95D1B41F2E88
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 39704E11F00305A5005D6300A3836968
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 3F91DCE525936D31134E3924719F32D1
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 1511AB99F54FEA84B314B6599BB3B78D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 34BECF022A2BB8DD14F1DB5AFF1A475F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: F6384C4269758E30B057CBA12AB79135
Requests: 12 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: FF4074A4D0F300525E49AA901CCFB5B7
Requests: 2 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 62877B8C7D5F26851DFD1FE9AA54945B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: FCEDD844175F82474B183A263390C373
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=09f3ca05-37ac-4c11-9d08-af20dbd13389
Frame ID: E95A3CDF7D22641C7168CCC3DA38C9BA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=03f6639a-c74b-4000-a2dc-fc0add57bdb0&gdpr=0&gdpr_consent=
Frame ID: 0E3C753A8AF649F41E3F209C43059641
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y5rHTAAEJBDs3AAp&gdpr=0&gdpr_consent=&_test=Y5rHTAAEJBDs3AAp
Frame ID: 80E8B5B9D33DA4728815D90CF8D40D2C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82NzdmNDk2ZC05ZDFlLTQ4NjItOTYxYi03OWM5NGM0MWY2ZTY=&gdpr=0&gdpr_consent=
Frame ID: BCF0A397DF595951581AE323F0311881
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: D362F70D289E71EEF7E21AEEC8010E27
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5rHTMCo8YEAAHUVunAAAAAA
Frame ID: B4205080ECD6E627122518FF503E6616
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5rHSe37pMogvKGDlAtQ5gAA%265028
Frame ID: 7D441840361E8248FA2CFE2098AF3B84
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=e4GDW8XfKa3irtsQnN4c&pi=gumgum&tc=1
Frame ID: B91BD12ACFA9E059234A4E72927455F9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E43C392BC07AA71D4DBD276E777BD2D8
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9421639a-c74c-4700-b772-52fc4d520842&gdpr=0&gdpr_consent=
Frame ID: B7DBE7197508287F8201FC9826D48D96
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rHTAAEFyeDrAAZ&gdpr=0&gdpr_consent=
Frame ID: CC6444EFFCBD98FF6D8D154448102F01
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270892766898541225&gdpr=0&gdpr_consent=
Frame ID: E2A7F022DC54D8EC3CFB2CC3F4A0D510
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6zdm62d3vm
Frame ID: E0452F119DBFDD555724E1CF52B04E09
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB
Frame ID: 92AA9D745134633649B9D2DDC61FACC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

新水井蓋好 村民開心搶洗手!下秒「噴出一條蛇」嚇跑全場 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

434
Requests

75 %
HTTPS

0 %
IPv6

84
Domains

135
Subdomains

80
IPs

8
Countries

3160 kB
Transfer

8089 kB
Size

111
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEIRjSbTW6gZz0YmTWih1UNU&google_cver=1
Request Chain 207
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=VWFhWkZ6ZWZ0NTQ
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1&C=1
Request Chain 209
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5rHSUMzl1.s3Nvtd.FBJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1&google_hm=2
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED3aH8HTV1Z31cfrRQS61_M&google_cver=1
Request Chain 243
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MDg5Mjc2Njg5ODU0MTIyNQ%3D%3D
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArkDgknB1A80rIJesx_3_8&google_cver=1
Request Chain 245
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2I1ZGUyNTMtNWJlZi0yZDM4LWY4NzYtM2U1NzVlYTVmNzQ2
Request Chain 252
  • https://um.simpli.fi/gp_match?google_gid=CAESEJOJqIst_2R5vp6E4mr1rYw&google_cver=1&google_push=AavPq0NRZQ2dy9KyGLqfp-EfS3NQM6HYDr_4v_WYit174CkCY5MTSle22z5FRw6FvdQZtwTmx9Psy-7HaChIIUHA8jLuqxC73m129WHeKy1KennAh0cCTfa4GYvV-Ltr5f4nA1X74mo_xNSE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E69FE32F54C340C29BA2766198371403&google_push=AavPq0NRZQ2dy9KyGLqfp-EfS3NQM6HYDr_4v_WYit174CkCY5MTSle22z5FRw6FvdQZtwTmx9Psy-7HaChIIUHA8jLuqxC73m129WHeKy1KennAh0cCTfa4GYvV-Ltr5f4nA1X74mo_xNSE
Request Chain 253
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIcuUmM5SkBDW53C9z38MH0&google_cver=1&google_push=AavPq0PZD7o62RQyoj3xLEqRriKoiMDpLONPkME3JwdAdZ_VefemN1qV7jyng_sHQh1oLFHSAlHEVk2N6pzotIYSocah9GcM-PCp87plYr5Y-KwKDndUPVrjVx1lpHbSwsfB_OhcC3x-4qHR HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEIcuUmM5SkBDW53C9z38MH0&google_cver=1&google_push=AavPq0PZD7o62RQyoj3xLEqRriKoiMDpLONPkME3JwdAdZ_VefemN1qV7jyng_sHQh1oLFHSAlHEVk2N6pzotIYSocah9GcM-PCp87plYr5Y-KwKDndUPVrjVx1lpHbSwsfB_OhcC3x-4qHR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDlmM2NhMDUtMzdhYy00YzExLTlkMDgtYWYyMGRiZDEzMzg5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09f3ca05-37ac-4c11-9d08-af20dbd13389
Request Chain 255
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHugNna7D31ZpkEhIJTEBy0&google_cver=1&google_push=AavPq0NYHb3iRlYUr0qmpeMxqj4-eTIMcM7XlqPTLhIKZNkFT3SIrzbH9uzEdfiOv0C2jPSzShSFzdfhBK4qDt3y2Qeoe_wGTDtuyYwOP4M36qSkMhsgX-KzoGgcdEzx38i9_8R2tR8_6xNI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2SzDvRpMTb9ovhwMokSr9XRaStc&google_push=AavPq0NYHb3iRlYUr0qmpeMxqj4-eTIMcM7XlqPTLhIKZNkFT3SIrzbH9uzEdfiOv0C2jPSzShSFzdfhBK4qDt3y2Qeoe_wGTDtuyYwOP4M36qSkMhsgX-KzoGgcdEzx38i9_8R2tR8_6xNI
Request Chain 256
  • https://an.yandex.ru/mapuid/google/CAESEK-gO-Ia90TYAoqPa482Hcw?ext-param=AavPq0MiXT4x6uDIKLdqhBaVxf98LqlqJ292ht8Jv14IVfV9yFta_bcV0nJvH33A9hH3s48Ekl_VY87M5FvByKn2EdroHcM0akZ8_PVdy1_LV2CPyPXrjJdupj9lgILLNcKTogOSFE_MY_Tz&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEK-gO-Ia90TYAoqPa482Hcw?redir-setuniq=1&ext-param=AavPq0MiXT4x6uDIKLdqhBaVxf98LqlqJ292ht8Jv14IVfV9yFta_bcV0nJvH33A9hH3s48Ekl_VY87M5FvByKn2EdroHcM0akZ8_PVdy1_LV2CPyPXrjJdupj9lgILLNcKTogOSFE_MY_Tz&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEK-gO-Ia90TYAoqPa482Hcw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 270
  • https://um.simpli.fi/gp_match?google_gid=CAESEJOJqIst_2R5vp6E4mr1rYw&google_cver=1&google_push=AavPq0OzB0Rd9RKAKrCAa0N22R9ukivko_Cir_Lihm0GfZLolZYiVrLlvUG0KrqMSdGmjyNBpL2ZftrBJoD6D3RLx_y7_pInYYFtoUg0gFaDO7Kfuu03TMtkAQvQAA5cISHH-VZc298zL2E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F74250931EFC458AA55A17FEA1FC362E&google_push=AavPq0OzB0Rd9RKAKrCAa0N22R9ukivko_Cir_Lihm0GfZLolZYiVrLlvUG0KrqMSdGmjyNBpL2ZftrBJoD6D3RLx_y7_pInYYFtoUg0gFaDO7Kfuu03TMtkAQvQAA5cISHH-VZc298zL2E
Request Chain 271
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIcuUmM5SkBDW53C9z38MH0&google_cver=1&google_push=AavPq0Og02A36VEMGVBtiuc_936Kmm-Qb43SPlotrWlSqxcVTD-7dBcGrgpz2c0MH16NrQvYmJZ1mO35Wgg7z7VzJ27NzuXGJvhR7uX2bcgk0cgJ22tDQFD-qmsI4ZB7KyyKpOS4EWrx2Fk HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEIcuUmM5SkBDW53C9z38MH0&google_cver=1&google_push=AavPq0Og02A36VEMGVBtiuc_936Kmm-Qb43SPlotrWlSqxcVTD-7dBcGrgpz2c0MH16NrQvYmJZ1mO35Wgg7z7VzJ27NzuXGJvhR7uX2bcgk0cgJ22tDQFD-qmsI4ZB7KyyKpOS4EWrx2Fk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDlmM2NhMDUtMzdhYy00YzExLTlkMDgtYWYyMGRiZDEzMzg5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09f3ca05-37ac-4c11-9d08-af20dbd13389
Request Chain 273
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHugNna7D31ZpkEhIJTEBy0&google_cver=1&google_push=AavPq0MuqB_59-xvkP53hnuED0DsKKIhcNLdMHnnqwWvuuokDFtvEl30NXHay8ZsPaPey3ip2IkZn7Sv0JHDIugPBTXR0zB5a59NkHjEvELGtTh68NU7_akGpaoO9MdkcM94smoL2DKbHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=KULr3jX7RwlUz9RcTJ0oU3RaStc&google_push=AavPq0MuqB_59-xvkP53hnuED0DsKKIhcNLdMHnnqwWvuuokDFtvEl30NXHay8ZsPaPey3ip2IkZn7Sv0JHDIugPBTXR0zB5a59NkHjEvELGtTh68NU7_akGpaoO9MdkcM94smoL2DKbHQ
Request Chain 274
  • https://an.yandex.ru/mapuid/google/CAESEK-gO-Ia90TYAoqPa482Hcw?ext-param=AavPq0MM5bSbl38H7WjBZTe0b3qvJJq_BvEYZ8EXX23MUu8DVFmTo4zfEDydMCT8RpSwOotLdGSlt-5d9nK6llWp_9_qAgZVmWzwo1E_h1sJUc1FIZoRZnfNfoKmO4rZAdSSNLi-KdjJHS68&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEK-gO-Ia90TYAoqPa482Hcw?redir-setuniq=1&ext-param=AavPq0MM5bSbl38H7WjBZTe0b3qvJJq_BvEYZ8EXX23MUu8DVFmTo4zfEDydMCT8RpSwOotLdGSlt-5d9nK6llWp_9_qAgZVmWzwo1E_h1sJUc1FIZoRZnfNfoKmO4rZAdSSNLi-KdjJHS68&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEK-gO-Ia90TYAoqPa482Hcw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGlSDp6R5GVhkQCjgjAU4qQ&google_cver=1
Request Chain 285
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RvqOOwlwT6Gciu4bftQD0g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RvqOOwlwT6Gciu4bftQD0g
Request Chain 286
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_-DD6AkqT5qQuvGMGN9qqg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_-DD6AkqT5qQuvGMGN9qqg
Request Chain 287
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOQM4O6-Q-82ZG
Request Chain 288
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhiMTBlZTlmZWFiNzAwNzZiYzM4NTM5Zjk0OTNlMzk0ZGU1N2VkMw
Request Chain 289
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=09f3ca05-37ac-4c11-9d08-af20dbd13389&gdpr=0&gdpr_consent=&expires=30
Request Chain 290
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPUU00TzYtUS04MlpH
Request Chain 291
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3AlVRlELcCeZENwdEAl3Ng?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6O9pp5BE2oJVXjd3u5WfpGHK6IJxQgLXpToMNg--~A
Request Chain 297
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 309
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8413649442431883293&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 310
  • https://match.adsrvr.org/track/cmf/openx?oxid=e7323199-9298-739c-ed96-64ee94473926&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=09f3ca05-37ac-4c11-9d08-af20dbd13389&ttd_puid=e7323199-9298-739c-ed96-64ee94473926&gdpr=0&gdpr_consent=
Request Chain 311
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y5rHS8Co8YEAAHUVulIAAAAA
Request Chain 312
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXtsmFjs4wWQks8ADzHoqy5dl88AAAGFFJqBDQ
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArkDgknB1A80rIJesx_3_8&google_cver=1
Request Chain 322
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 323
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Drkt%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=rkt&refUrl=&vid=10879474343140895477445510000V10&ovsid=1974054390676905442
Request Chain 325
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dapx%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=apx&refUrl=&vid=10879474343140895477445510000V10&ovsid=5270892766898541225
Request Chain 326
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dopx%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=opx&refUrl=&vid=10879474343140895477445510000V10&ovsid=2f1e5806-3998-497c-8ed9-1a8026a8abfa
Request Chain 327
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dmma%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=mma&refUrl=&vid=10879474343140895477445510000V10&ovsid=03f6639a-c74b-4000-a2dc-fc0add57bdb0
Request Chain 328
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dr1%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dr1%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D%5BRX_UUID%5D&cb=1671087948343 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1483351523 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/09f3ca05-37ac-4c11-9d08-af20dbd13389 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e3536eb-2823-4118-a15f-d15d85226c95-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e3536eb-2823-4118-a15f-d15d85226c95-004
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE0MDg5NTQ3NzQ0NTUxMDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELxTng2TQA5UZuaEZLqIZJk&google_cver=1
Request Chain 330
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Ddxu%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Ddxu%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=dxu&refUrl=&vid=10879474343140895477445510000V10&ovsid=kg3eoGgb1P5Ijq5
Request Chain 331
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1208dfd5-91c6-4226-be72-5c97859bc59f
Request Chain 333
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dzem%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=pli0AfN0iVCwZAmrBxhB&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLQNRUTAQLGJYYGSVSDO5NEC3LSIJ4GQQRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTAOBXHE2DONBTGQZTCNBQHA4TKNBXG42DINJVGEYDAMBQKYYTAJTWONUWIPJTGE2DAOBZGU2DONZUGQ2TKMJQGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLQNRUTAQLGJYYGSVSDO5NEC3LSIJ4GQQRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTAOBXHE2DONBTGQZTCNBQHA4TKNBXG42DINJVGEYDAMBQKYYTAJTWONUWIPJTGE2DAOBZGU2DONZUGQ2TKMJQGAYDAVRRGA
Request Chain 334
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3140895477445510000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3140895477445510000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=76cf46f3-7cb4-467b-bb94-82a960eb77fa&cs=1
Request Chain 335
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=09f3ca05-37ac-4c11-9d08-af20dbd13389
Request Chain 336
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=09f3ca05-37ac-4c11-9d08-af20dbd13389&dongle=0cfd
Request Chain 337
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAzNjQzMTQzMDc2MjYxNTY5MzU2Mg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIJTBGLsB_q1K6xQYJu5Kxc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 339
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAzNjQzMTQzMDc2MjYxNTY5MzU2Mg%3D%3D
Request Chain 340
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4036431430762615693562&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4036431430762615693562&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0dbfe93a-cd89-44ea-bb5e-e20c577a4c0f&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0dbfe93a-cd89-44ea-bb5e-e20c577a4c0f&_noobservation=1&_expected_cookie=b33593b8ce70013f833c97db8ce3a887
Request Chain 341
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4036431430762615693562&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4036431430762615693562&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
Request Chain 342
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4036431430762615693562?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-OdXmDGhE2oQWY3P_eTYGQPGwSd8nZfrlvhkYMHp5ug--~A&dongle=0883
Request Chain 343
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4036431430762615693562 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4036431430762615693562&dcc=t
Request Chain 345
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5270892766898541225&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 350
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 353
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5270892766898541225
Request Chain 354
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=F0aJCRZHG-HW0w89T_e-Zzr8
Request Chain 355
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=F0aJCLZH-po76GTGQNqZ81k4
Request Chain 356
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1671087948343 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4963824870 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/09f3ca05-37ac-4c11-9d08-af20dbd13389 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e3536eb-2823-4118-a15f-d15d85226c95-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e3536eb-2823-4118-a15f-d15d85226c95-004
Request Chain 357
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1975180290392194244
Request Chain 359
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1476%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D42a96ba1-afc8-46f4-91ab-d22c6a9b57ae%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/1476?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=42a96ba1-afc8-46f4-91ab-d22c6a9b57ae&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=5270892766898541225 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F1476%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D42a96ba1-afc8-46f4-91ab-d22c6a9b57ae%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 360
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
Request Chain 361
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODAwOTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODAwOTYyARo4AQ==
Request Chain 362
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
Request Chain 364
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&dcc=t
Request Chain 365
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=09f3ca05-37ac-4c11-9d08-af20dbd13389&expiration=1673679947&gdpr=0&gdpr_consent=
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAjUJPfMiPixS1JvglBy6sE&google_cver=1
Request Chain 368
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
Request Chain 369
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_639ac74c4c9d8&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639ac74c4c9d8
Request Chain 370
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=wUTbNYku3_EFCkfQ-Exh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD252VKRRE4WLLOUZV6RKGINVWMUJNIV4GQ
Request Chain 371
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3b3e639a-c74c-4c00-bd06-26829a5e83d4
Request Chain 373
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5270892766898541225
Request Chain 374
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8413649442431883293
Request Chain 375
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFRA07HNY8AACBCmR5eZw&expiration=1672297549
Request Chain 376
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5rHTAAEFyeDrAAZ HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5rHTAAEFyeDrAAZ&_test=Y5rHTAAEFyeDrAAZ
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAjUJPfMiPixS1JvglBy6sE&google_cver=1
Request Chain 378
  • https://tg.socdm.com/aux/idsync?proto=index_exchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5rHTMCo8YEAAHUVunAAAAAA
Request Chain 379
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9421639a-c74c-4700-b772-52fc4d520842
Request Chain 380
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e37f99dd-9bc0-d7f1-aac16695
Request Chain 385
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=998714e5-f0f8-42d3-8edb-f95d739208b3&gdpr=0
Request Chain 386
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=c11a46d7ea&gdpr=0&gdpr_consent=
Request Chain 387
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=L7zNnHq4wMU0uMLOe-nZzyu_l8g07ZHNL-rj8V4z
Request Chain 388
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=5gd-jHQjkXfSoiU43sQlugPQg
Request Chain 389
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5270892766898541225
Request Chain 390
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_677f496d-9d1e-4862-961b-79c94c41f6e6&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=16b5ed26-3d7e-4882-8a30-b635311213ae
Request Chain 391
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2942ebde-35fb-4709-54cf-d45c4c9d2853$ip$116.90.74.215
Request Chain 392
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_677f496d-9d1e-4862-961b-79c94c41f6e6&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ryewugNpV6EV6B29SIn5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TZMV3XKZ2OOBLDMRKWGZBDEOKTJFXDKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TZMV3XKZ2OOBLDMRKWGZBDEOKTJFXDKJTVONPXA4TJOZQWG6J5GEWS2LI
Request Chain 393
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1671087948537 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1301396462 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/09f3ca05-37ac-4c11-9d08-af20dbd13389 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9f50dfd1-8b18-4598-8e28-40ac3863f558-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-9f50dfd1-8b18-4598-8e28-40ac3863f558-004
Request Chain 394
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=abFGvPwOVYEK&ev=1&pid=558355
Request Chain 395
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28C7ZcOmnHP4KQ6TGBe2UFKUcpVNLUc_HYGHGGjrbKiq8JHiPSMq6KIUDiv2sT6d28%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28C7ZcOmnHP4KQ6TGBe2UFKUcpVNLUc_HYGHGGjrbKiq8JHiPSMq6KIUDiv2sT6d28%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_677f496d-9d1e-4862-961b-79c94c41f6e6&obuid=ENC(C7ZcOmnHP4KQ6TGBe2UFKUcpVNLUc_HYGHGGjrbKiq8JHiPSMq6KIUDiv2sT6d28) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 396
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=100f95e9-ba8d-4bca-8aed-74035c173860
Request Chain 397
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Z3I43CZE2pdhPoukp00Uh1UcpZdp4VA9oi5r~A
Request Chain 404
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 406
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=09f3ca05-37ac-4c11-9d08-af20dbd13389
Request Chain 407
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=03f6639a-c74b-4000-a2dc-fc0add57bdb0&gdpr=0&gdpr_consent=
Request Chain 408
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5rHTAAEJBDs3AAp HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5rHTAAEJBDs3AAp&gdpr=0&gdpr_consent=&_test=Y5rHTAAEJBDs3AAp
Request Chain 411
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5rHTMCo8YEAAHUVunAAAAAA
Request Chain 412
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5rHSe37pMogvKGDlAtQ5gAA%265028
Request Chain 413
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=e4GDW8XfKa3irtsQnN4c&pi=gumgum&tc=1
Request Chain 414
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 419
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LBOQM4O6-Q-82ZG HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBOQM4O6-Q-82ZG
Request Chain 420
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9421639a-c74c-4700-b772-52fc4d520842&gdpr=0&gdpr_consent=
Request Chain 421
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rHTAAEFyeDrAAZ&gdpr=0&gdpr_consent=
Request Chain 422
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270892766898541225&gdpr=0&gdpr_consent=
Request Chain 423
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6zdm62d3vm
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y4QH4ORlReqVY9_HwW3yqw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 426
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=CB8407E0-E465-45EA-9563-DFC7C16DF2AB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=CB8407E0-E465-45EA-9563-DFC7C16DF2AB HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=94776736-53b6-4623-8637-dd760c1a6dd7%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=09f3ca05-37ac-4c11-9d08-af20dbd13389&ttd_puid=94776736-53b6-4623-8637-dd760c1a6dd7%2C
Request Chain 427
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&gdpr=0&gdpr_consent=&ct=y
Request Chain 428
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0I4NDA3RTAtRTQ2NS00NUVBLTk1NjMtREZDN0MxNkRGMkFC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB16Qk3ozrpO6wQ3Vcus-fU&google_cver=1
Request Chain 431
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F74250931EFC458AA55A17FEA1FC362E
Request Chain 433
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=09f3ca05-37ac-4c11-9d08-af20dbd13389&gdpr=0&gdpr_consent=
Request Chain 434
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UkSZ6ltE2uWf6JKZiU90w4pRg0ElK88-~A&gdpr=0&gdpr_consent=
Request Chain 436
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBOQM4O6-Q-82ZG HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LBOQM4O6-Q-82ZG

434 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
www.bg3.co/a/ 		50 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1ba96ff1afca18a82c53b140d261809d03fcee20269cb4dd8df64f6fece57829

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 07:05:33 GMT
ETag
"c810-/3yFsje1QjPT4IMYf88kgrcCcpI"
Expires
Thu, 15 Dec 2022 08:05:33 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1d9c8ceb7cf286270006dd4f86dbfd576f1a09be3b4bed57903bfba8516c99a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 07:05:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72749
x-xss-protection
0
server
sffe
etag
"beb55b0fc7119951"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 07:05:34 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5ec9862ecfa60efd569fefc3ebd5184f04237a16b6f58a550845d205ade6cf58
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 07:05:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9669
x-xss-protection
0
server
sffe
etag
"cbd8519113bf6f33"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 07:05:34 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
6dfd7ef537b825d757d86530e0786916f658ee8a968e020ff4c9fcaebd2fb09d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 07:05:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7579
x-xss-protection
0
server
sffe
etag
"caf8174111709778"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 07:05:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
3b9e21d8c284c548afd1d8404af13b2f3276a9b03bfc3a3242dbb05ceffd90c6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 07:05:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
etag
"944569ce72ce7bc2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 07:05:34 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ac2a0935e5d4d935413b4bb63b4e633cf0da7c7d0b418bab2381ba4aac0f23

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10570
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45389
last-modified
Wed, 14 Dec 2022 08:06:43 GMT
server
cloudflare
etag
"63998413-b14d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq76FwlK0%2F0iSLFBo0lBlD8xsrAXhI78jU3N%2FZiWK9ONwyUxlFhHKmLgSYIUk4zvCv5MOGB2hxfJt1wvMPmQIKSJdiTpZ3czolXzeY1vrPsJGtwPRcrNq80WBrL%2FggCThw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779d54eba894ab02-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
38699d129a523f13737145cdae16928a789fbc5a3398c6107f133f133a39d080

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 15 Dec 2022 07:05:35 GMT
content-encoding
br
last-modified
Thu, 15 Dec 2022 07:00:35 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=11, origin; dur=221
x-cf-geodata
NZ
content-length
9195
expires
Thu, 15 Dec 2022 08:05:35 GMT
adpushup.js
cdn.adpushup.com/42753/ 		523 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1f08e05453aad99f022d7d6ac6fb7c01474f4256e0095d26ff9deee09016eb53

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 15 Dec 2022 07:05:35 GMT
content-encoding
br
last-modified
Wed, 14 Dec 2022 12:27:45 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
x-cf-geodata
NZ
content-length
115890
expires
Thu, 15 Dec 2022 08:05:35 GMT
afa7d3d450f232efef17a8010450e0a8.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/afa7d3d450f232efef17a8010450e0a8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ffdbf3e553b6a7f2ebe1d29141dc98b4.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ffdbf3e553b6a7f2ebe1d29141dc98b4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
445eff1b88213580f57fdf404cc618d9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/445eff1b88213580f57fdf404cc618d9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
25e3141859c0d5c008a7b8f67bea6810.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/25e3141859c0d5c008a7b8f67bea6810.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e1a2805e030d56c3dfa356a19769fed8.jpg
static.bg3.co/imgs/202202/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202202/e1a2805e030d56c3dfa356a19769fed8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0c36e488d675c136ea5fd747b5760c52.jpg
static.bg3.co/imgs/202011/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202011/0c36e488d675c136ea5fd747b5760c52.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5d990c57d3e8571fe432aa107acc13a2.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/5d990c57d3e8571fe432aa107acc13a2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a67d5120dc44a3e4365942b2d2d2755e.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/a67d5120dc44a3e4365942b2d2d2755e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bb99f879dccceb74b815d4fd26be55b8.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/bb99f879dccceb74b815d4fd26be55b8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1bdaacfc48bef481f4ab72f3379a7df9.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/1bdaacfc48bef481f4ab72f3379a7df9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f8b99614ab8189a02d067dabacfd2744.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f8b99614ab8189a02d067dabacfd2744.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
31caa9a3c7fc3a2174c4ad8b52dc2601.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/31caa9a3c7fc3a2174c4ad8b52dc2601.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
95306ac7db35b3941a15f4a0ad3ea7de.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/95306ac7db35b3941a15f4a0ad3ea7de.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
39d7ed36ff52c3a0853e44eee0b81fc4.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/39d7ed36ff52c3a0853e44eee0b81fc4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f66fb41b69cad1ccc6a9cab38dab0679.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f66fb41b69cad1ccc6a9cab38dab0679.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5f6ea329e86d314528c36ca639aabf83.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5f6ea329e86d314528c36ca639aabf83.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b4c39c496f33f36647edf8dff2c07322.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b4c39c496f33f36647edf8dff2c07322.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c3766284974a808111ef39d43cf0c01a.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c3766284974a808111ef39d43cf0c01a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ed04fc9c7660ee5c6d0894f107843ba4.jpg
static.bg3.co/imgs/202110/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/ed04fc9c7660ee5c6d0894f107843ba4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211302304001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
bef2282faf902fe1b1acec1b0d8c906bf1a2e995afce857e54beb33b223efabc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 22:06:26 GMT
age
118751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2996
x-xss-protection
0
server
sffe
etag
"cbf4fa0b7fe986bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 22:06:26 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211302304001/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
8f53569f908406da985db7df02c2c867f4f889e604f51a30feff3bb10772dfe9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 22:06:26 GMT
age
118751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23075
x-xss-protection
0
server
sffe
etag
"adb1ceb5352b6b05"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 22:06:26 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
919 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
b0e00b433995ed64a31fbe0335f9ea4fba37397cb7275ac40a53cd45257b33a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
478
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211302304001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
da8e2d4ee9ba1969dba02333e32a576fa126bb12a5cec33c2139e16365faa2f7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 22:06:26 GMT
age
118751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3944
x-xss-protection
0
server
sffe
etag
"569fa17b77746141"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 22:06:26 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:38 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNKq65wGEogBCiQ5YWVkYTlhZi01ZTZiLTRkZWMtODJjNS0zNWYwYzVjYWQ0ZDMQ+OiCoKvU+wIaBgjCjuucBiINMTE2LjkwLjc0LjIxNSiY4QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDcwZDI2NjI0LWJhZjAtNDMyZi1iZTk4LTVhZDIxMGRiY2U4NBi46QE=.va92tyWM+984QdaNyQo8GM5lkZEK6EKHX2NEiHWhcz8=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1671087938.dop067.la3.t,1671087938.cds279.la3.hn,1671087938.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2699
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MFCGIYcf3YQq2YOK%2FpHSXGB%2B2yo%2BkDZHuzFxov%2FGZaRIkf2sVNY%2BnNmCwAzQxEVUzqM35zO%2BE%2F8MjcCsFJZHQEmJwGhybUf91xTHhbxeO06VeWmJ3MUixxEkVZ8GA%2BP5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
779d54ed8af5ab02-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43ede94b0cc7dd8b2e3a22b8171332baaa72d694d355ccaa506103338b7d3c15

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:36 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43ede94b0cc7dd8b2e3a22b8171332baaa72d694d355ccaa506103338b7d3c15

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:36 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7117509840048266&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:35 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.6302312685893572&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:36 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:38 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNKq65wGEogBCiRkMDE1MGYxMC1lMzZiLTQ4ZDItOTdjYS0zOGYyYWU5YjAxZDAQ+OiCoKvU+wIaBgjCjuucBiINMTE2LjkwLjc0LjIxNSiY4QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGY2YjFiZTNmLTc0Y2YtNDNlNC04ZjNhLTk5ZTU3ODFmNWMzNxib8QE=.XO8GKvvc8XoKsWxLWQMz4MmCC6ZOurnE0/LxF0rp9XM=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1671087938.dop067.la3.t,1671087938.cds279.la3.hn,1671087938.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3CFB 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c7895d26ab30432ecb4b7ee8e3d6bf402effd42bab480e6f77c1d185cd5f8dd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34159
x-xss-protection
0
server
cafe
etag
14737640669283036115
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 07:05:36 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211302304001/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
909021a78ca89b176ebabe2daee2adee0f30be3783588d557d73f3929553c108
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 22:06:26 GMT
age
118751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
server
sffe
etag
"0ff7ce4c5c0f9202"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 22:06:26 GMT
gtag.json
cdn.ampproject.org/rtv/012211302304001/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 22:03:04 GMT
age
118952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"02f16ee98b0c7891"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 22:03:04 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AB69 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ce845b349e01dbaa6806c6ffbf68d48779f5e836a3b5a2d37b0c8b466b07ca33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34128
x-xss-protection
0
server
cafe
etag
5487201274938460544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 07:05:36 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 05F1 		714 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
2730
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
779d54f44827a87d-SYD
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 07:05:36 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHtse%2BV2H9cRjU8eo09c93OBG2oGzw%2B5bYCfl8%2Fd7Dj60MSsNRC7uSELTi0pcDUoOyPML1PeBfg%2B422DPPaHCKStTTk2B3dh8BZOInMFpwoLNZqtxu2BGhfVMqnWzmjqHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:37 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 5241 		714 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
2730
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
779d54f4583aa87d-SYD
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 07:05:36 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDOQpLoCgcs%2BkAnGESJiqJwdaYDeymEbNuIF8byzA%2BG%2FrySao4m1EhexSw4rj%2FCViJIFkGCFesgqp43a1tCU9epx1mllJeBiAZFDO19WtqJnSFBYX8EB6vs%2FxSuX3egcTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5241 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1422 / 108 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 07:05:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 05F1 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
46eaca8feeaefa95329b8fa1ad2f534bab954d61d9fd2b2eca99862694c730d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1422 / 520 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 07:05:36 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ Frame 3CFB 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
7f119542d87eddbacd5dc8650fdc89f2be1ca9d0456964151fed32065365af8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119966
x-xss-protection
0
server
cafe
etag
2634167040386806422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 07:05:38 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 15 Dec 2022 07:05:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame AB69 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ce4d1bde257a6dd888670961d004874d5c2d4f3e757a2116e93d4802e23e9673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119962
x-xss-protection
0
server
cafe
etag
15918316035980646953
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 07:05:38 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 5241 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Dec 2023 06:36:07 GMT
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ Frame 05F1 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Dec 2023 01:08:19 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211302304001/v0/ 		215 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211302304001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
ae4cefca3a44474a949f576ce5c1fae56d2eca68a81832d109e7767966741c0e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 22:06:26 GMT
age
118752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57949
x-xss-protection
0
server
sffe
etag
"65451653b045466f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 22:06:26 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%96%B0%E6%B0%B4%E4%BA%95%E8%93%8B%E5%A5%BD%E3%80%80%E6%9D%91%E6%B0%91%E9%96%8B%E5%BF%83%E6%90%B6%E6%B4%97%E6%89%8B%EF%BC%81%E4%B8%8B%E7%A7%92%E3%80%8C%E5%99%B4%E5%87%BA%E4%B8%80%E6%A2%9D%E8%9B%87%E3%80%8D%E5%9A%87%E8%B7%91%E5%85%A8%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-dut39T24kJJhm5qFygioQg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.21849381350801877&gjid=0.20095323943654542&_r=1&a=9743&z=0.7964515460091934&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-36560746754094502396.ampproject.net/2211302304001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-36560746754094502396.ampproject.net/2211302304001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.co.nz/adsid/ Frame 5241 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5241 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5241 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=806564886218164&correlator=4240148191762711&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1671087938619&lmt=1644386353&dlt=1671087936778&idt=1815&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=k629opw03x1b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=649308340.1671087939&ga_sid=1671087939&ga_hid=1423241525&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
be83e12de4deb4d21fa921a33a9c667e5613ec7f3d3da89d3fe8219dff882bd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c8e67fa21fc86956c5c5564acead229c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 396E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c8e67fa21fc86956c5c5564acead229c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:39 GMT
expires
Fri, 15 Dec 2023 07:05:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 05F1 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 05F1 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 05F1 		498 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1586159000669624&correlator=2865905139771717&eid=31071256%2C31071296&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1671087938708&lmt=1644386353&dlt=1671087936788&idt=1898&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ajjlr0iz761l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=240323415.1671087939&ga_sid=1671087939&ga_hid=1537356823&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
94c0dd209935da5662bb23b56f687a3fc0d85381af0cc81f1db49dbd522a12f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e8625a77c4ea8936e6ed44868ba5229b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B1D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e8625a77c4ea8936e6ed44868ba5229b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:39 GMT
expires
Fri, 15 Dec 2023 07:05:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1671087938763
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 15 Dec 2022 07:05:39 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
631
expires
Thu, 15 Dec 2022 08:05:39 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 3CFB 		379 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
1783aa2e209188503fb051140d62a985b4d2dd0d469ee5690a24d556219ab342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 3CFB 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3CFB 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6C75 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
43fa3a368fc1e4502a3f55189b782dd4fdd634dc2b93dd6f4a3dc52469b7ff4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9961
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:39 GMT
expires
Thu, 15 Dec 2022 07:05:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame AB69 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
e23d184520a589a87478d44306b707140daf0f291fa319c33ec5f890681c400d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame AB69 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AB69 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CF3B 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
8745647fcf1421dd506a0ad7dde7e4087cb6dccc376bb2fa143b6443b9bc8050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9983
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:39 GMT
expires
Thu, 15 Dec 2022 07:05:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=16
content-length
94168
expires
Fri, 15 Dec 2023 07:05:40 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=20
content-length
211
expires
Fri, 15 Dec 2023 07:05:40 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=14
content-length
18371
expires
Thu, 15 Dec 2022 08:05:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1422 / 805 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 07:05:39 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:40 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzEwODc5MzkxMzMsInBhY2tldElkIjoiMDAwMEE3MDEtMjRkYjZjYjAtNTUxMy00Yzc5LTg1OTItMjJhYTE3NDlhNjZiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1zaHVpLWppbmctZ2FpLWhhby1jdW4tbWluLWthaS14aW4tcWlhbmcteGktc2hvdS14aWEtbWlhby1wZW4tY2h1LXlpLXRpYW8tc2hlLXhpYS1wYW8tcXVhbi1jaGFuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6881.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:40 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzEwODc5MzkxMzQsInBhY2tldElkIjoiMDAwMEE3MDEtMjRkYjZjYjAtNTUxMy00Yzc5LTg1OTItMjJhYTE3NDlhNjZiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1zaHVpLWppbmctZ2FpLWhhby1jdW4tbWluLWthaS14aW4tcWlhbmcteGktc2hvdS14aWEtbWlhby1wZW4tY2h1LXlpLXRpYW8tc2hlLXhpYS1wYW8tcXVhbi1jaGFuZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6882.400000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:40 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzEwODc5MzkxMzQsInBhY2tldElkIjoiMDAwMEE3MDEtMjRkYjZjYjAtNTUxMy00Yzc5LTg1OTItMjJhYTE3NDlhNjZiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1zaHVpLWppbmctZ2FpLWhhby1jdW4tbWluLWthaS14aW4tcWlhbmcteGktc2hvdS14aWEtbWlhby1wZW4tY2h1LXlpLXRpYW8tc2hlLXhpYS1wYW8tcXVhbi1jaGFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=6882.699999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:40 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
2801
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Thu, 15 Dec 2022 11:05:40 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzEwODc5MzkxMzksInBhY2tldElkIjoiMDAwMEE3MDEtMjRkYjZjYjAtNTUxMy00Yzc5LTg1OTItMjJhYTE3NDlhNjZiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1zaHVpLWppbmctZ2FpLWhhby1jdW4tbWluLWthaS14aW4tcWlhbmcteGktc2hvdS14aWEtbWlhby1wZW4tY2h1LXlpLXRpYW8tc2hlLXhpYS1wYW8tcXVhbi1jaGFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6887.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:40 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzEwODc5MzkxNDIsInBhY2tldElkIjoiMDAwMEE3MDEtMjRkYjZjYjAtNTUxMy00Yzc5LTg1OTItMjJhYTE3NDlhNjZiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1zaHVpLWppbmctZ2FpLWhhby1jdW4tbWluLWthaS14aW4tcWlhbmcteGktc2hvdS14aWEtbWlhby1wZW4tY2h1LXlpLXRpYW8tc2hlLXhpYS1wYW8tcXVhbi1jaGFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=6890.699999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:40 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9A5D 		603 B
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-15817700822710669281&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3189&oid=2&is_amp=5&amp_v=2211302304001&d_imp=1&c=39245009743&ga_cid=amp-dut39T24kJJhm5qFygioQg&ga_hid=9743&dt=1671087938648&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&bdt=4799&dtd=716&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211302304001/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:39 GMT
expires
Thu, 15 Dec 2022 07:05:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5241 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
231f98e164a2342c578cf558fd6bb254b5a93af953e3f135ba897318201f75e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12532
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 05F1 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e42941c47643954400f6ba5f286c556dd40ef0b8a565c276da4211d0b3d35578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12549
x-xss-protection
0
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Dec 2023 06:36:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Thu, 15 Dec 2022 07:05:40 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CF3B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Co_zmQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEpgJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZiTX5e7EnhTi-Tvuohq73lb0CUqDBifuYnwwY0Vlpe4_MLgGu3buABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=8FldowCpE6M&uach_m=[UACH]&cid=CAQSGwDq26N9zAaA3IKDENTgHLB881fljfhOd818FRgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Dec 2022 07:05:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame CF3B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-qNEp_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQQ8eaY4zlO4p8acjKvMwnABIAAA&wp=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
178997
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 5705 		139 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
974dcc9c382845db5c514138a2fa984e09c176dbb4476cbef327e0e1ba70c089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:39 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=hnunJUOfcFnNxl9y6EjXKYnrIuH2dVBVbCfKj1OhvWNJPVVLYh7EEJkbQpp9ILVIUV8CQM29lM5EAm9HuKyi4yLLFoD70Je5qa-rM0R9Vn-ADK9gN8YuckYvQz0knJlAR5xOeFGTtUbzMkTLv_2_FqYO-XwlQdxJi0EnofVtTZdxtnEz6ev0DezvvQ78M8UO9LU9vwiZGAbGrbM_w75L7yrC20JQBlOeFlfWk9BK6FkbHWG3cXpgHrRXAp6r672oKIZHnnY5jCvrspMJ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
34453487
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CF3B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:35:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CF3B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:35:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CF3B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:40 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6C75 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-b_IQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEoAJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRm4xYz6p5EBMSiR-fi4jkJboXdjHKKodTMGb_iOH7SqbOUzN3bFTaABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=OZtUkVhpJ00&uach_m=[UACH]&cid=CAQSGwDq26N9Ic-DlX6L62AuiG23wsyOuICUkrQf9hgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Dec 2022 07:05:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 6C75 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-qNEp_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQQ8eaYxmvYwCK0BT_UkGBABIAAA&wp=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
167214
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame E6C3 		138 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
19d1bd2b2b02631268c99cbd4a2d88b1701412975e39efd11e231287ba7580a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:39 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=5MEumEOfcFnNxl9ywHm-i8-7HBWbugfk-OB0wlxVK1unQle1TSH3FhHAiTi6S1kegeCYsSzKkTaosi2UH3bqMQsm-EdQuDE9-YcWlBPkGCoCztKy99popLbZ8JLUF5wNeSS1a-nVKzGOa2RI9qpRoLo8e1q-7mNq280HgADoj17ftF6bgWhjUbrS-9ZoVlhLXXRlIoMGw_keEzCYsHsp2M8PHJrri99ZoY2mF6zzSMAIVeZ4rXuM0UiSUH_emyTaYEz7F7KSNHntK06n"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
48175243
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6C75 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:35:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6C75 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:35:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C75 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937077&bpp=13&bdt=1543&idt=1800&shv=r20221207&mjsv=m202212050101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=2&ga_vid=1179240873.1671087939&ga_sid=1671087939&ga_hid=1961905151&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2143595953&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071168%2C44780792&oid=2&pvsid=3629488238436790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ovwniehcc2j7&fsb=1&dtd=1819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5241 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 05F1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:40 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5705 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5705 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5705 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 10 Dec 2023 07:05:41 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5705 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 10 Dec 2023 07:05:41 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 5705 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=EiaUlP75XM3tyKw0QFopdBT6cT16MeYGhiKabIuMh8gtXKT1FDOdjAPLZ4fHzyNN_Z5ExB4-8WKwu7OAlo7UgXmuax7c-vcAcFNJKV2WNUqQHTst6Kctu1EW7wIXECUmzE0xNsw823QHQGQHGwKnRPO5QMEDP7ijzS6-owHyuTAIi643PmuSAoQOxdkD17AXRhyrUh_lr67SA149iXad5HlvtlzSTw_hkrYQckhwN-lMNIXrx7FHJJ0QQkRwVmORAwutBn-Db73_0eTNxcwSfbELk4Tum9jGrIkYX9yX_mDQMZMEuEWJlbyJAFk3cABWjwGrZRi-A_EGfyiXHbwiDQb6YBN-Kgr9ZDVzDXHPCPeVH1vmKjQUXFhZlQVkARTOiIbQOjsGhxY3n4ncfzw6yU_u2rIkmrJ5u4cSG4RGnO3wxiNT
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1782962
expires
Mon, 26 Jul 1997 05:00:00 GMT
795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
static.criteo.net/design/dt/ Frame 5705 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-cbac"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
static.criteo.net/design/dt/ Frame 5705 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-50d0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
truncated
/ Frame 6C75 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af3d472fc1716b3e930db4ad30473f50ba42010b5112c6ab4b18b2d80bc6a7f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Dec 2022 07:05:41 GMT
truncated
/ Frame CF3B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d01883160afa0bed0140cda1e1f9d8f910e16f198dcbec38db77aa9fcdce66

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5705 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
218709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKqRsbq%2BjFT5mguKx1N4eZLumaJo4%2Bq1M1syhKomKvbc2vatjiCrbj6NI8WSskeNOi1R8U%2BYGLHLebQR2NU4SWdUuwIO59hg%2B%2BewyLGJoR8pJgJnCxdAAqRdzwgoGQv7CEj5l0%2FW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
779d55157ffdaae4-SYD
expires
Tue, 05 Dec 2023 07:05:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 84B5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
144858
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 14:51:23 GMT
expires
Wed, 13 Dec 2023 14:51:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F168 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
efd1d45be46a160c5f513d5a3b72a5c18b113e59ab1a9b186718998a0c306794
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qcVOzA6ZZu3Bh5lpRpm8EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-qcVOzA6ZZu3Bh5lpRpm8EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:41 GMT
expires
Thu, 15 Dec 2022 07:05:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 482C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
144858
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 14:51:23 GMT
expires
Wed, 13 Dec 2023 14:51:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BC65 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
071cb5a96691bda17c415ff896fc543fe3af1954fcfd5638166cb85b047be667
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-upvWe0s2wXdv-0K7RVmAgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-upvWe0s2wXdv-0K7RVmAgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:41 GMT
expires
Thu, 15 Dec 2022 07:05:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame 5705 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
58fc60f40dd4435497330822cdf657c5_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221213/ Frame 5705 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221213/58fc60f40dd4435497330822cdf657c5_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
29cf25c600fbcb19402374249a002f7885df857c2ecf166e23e7a3ecc59d0239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 13 Dec 2022 17:14:57 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6398b311-850d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
34061
expires
Sun, 10 Dec 2023 07:05:42 GMT
img
pix.as.criteo.net/img/ Frame 5705 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=152&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=668&s=Plfybc99RBiiwXw0FK6zcWVJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27196916
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23355
expires
Thu, 26 Oct 2023 01:47:39 GMT
img
pix.as.criteo.net/img/ Frame 5705 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5613740_png%2Fgema-drop-earrings--asymmetrical-design--mixed-cuts--long--multicoloured--rhodium-plated-swarovski-5613740.png&v=3&w=400&s=GmaMXzpD9JFD-Jg6vZ3bKdAx&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
21295c187205746a49fa6654b6bff00a75127e2c58d51a5432802c03ec09632b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27403372
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11900
expires
Sat, 28 Oct 2023 11:08:34 GMT
img
pix.as.criteo.net/img/ Frame 5705 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5607353_png%2Flucent-cocktail-ring--octagon-cut--blue-swarovski-5607353.png&v=3&w=400&s=00Yp72k5imgMuGumVm5IwRy2&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e5c5e32b0287f6596395e62be73ab90f1b7624ab573cd5a5f6a6f9f9686d8b99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27398791
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17118
expires
Sat, 28 Oct 2023 09:52:13 GMT
img
pix.as.criteo.net/img/ Frame 5705 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5511698_png%2Fswarovski-power-collection-bracelet--grey-swarovski-5511698.png&v=3&w=400&s=pqHF_ihlSstmdKizYT7dBRpK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
47327ec37b83ac7e0ca8d6a6d05d6e9c88f9672f5c890d89de0962bea8c7a510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30922126
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31492
expires
Fri, 08 Dec 2023 04:34:28 GMT
all
csm.as.criteo.net/ Frame 5705 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=hnunJUOfcFnNxl9y6EjXKYnrIuH2dVBVbCfKj1OhvWNJPVVLYh7EEJkbQpp9ILVIUV8CQM29lM5EAm9HuKyi4yLLFoD70Je5qa-rM0R9Vn-ADK9gN8YuckYvQz0knJlAR5xOeFGTtUbzMkTLv_2_FqYO-XwlQdxJi0EnofVtTZdxtnEz6ev0DezvvQ78M8UO9LU9vwiZGAbGrbM_w75L7yrC20JQBlOeFlfWk9BK6FkbHWG3cXpgHrRXAp6r672oKIZHnnY5jCvrspMJ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5705 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5705 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:42 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E6C3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame E6C3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E6C3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 10 Dec 2023 07:05:41 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E6C3 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 10 Dec 2023 07:05:41 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame E6C3 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=nD8IBf75XM3tyKw0QFopdBT6cT1VGlwY4xpcaCdKCFWFBawbsufTzyuf-FowMVZT_1a66v_g4x2rcqRmFJmSWL1FE_7hWqL_LIE5Y0sQJ1YGz_RizkTdh7dgAIUgtvOJx9AXz1hfuevsQTBQybd2HXmg6DUXy3KTPvdyp8cTvOO8TxgcFSYKku0yUrO9sE724oDcWObGsRa37qbxYXutxgU2qo1iKDrGXlvmeCvc06_OXlzu6A4Rsn9NYc-mr7efCGMi0QdRxz2LOggCdelNnorsTLgzuLY0J-yY61A_m86f6Th9CZupCViliPwsuL29M21Vn4F5ZkkFBVNA085cmwGmmADp5LOFHaSJYfQSzmQMg2q9f9wctmnZ9eC6GA6ToOsPuSCw6Q7-ebbr775Lc_aqpg46SmrdZiPkNYzcuqQZMf0n
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1776756
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E6C3 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
218709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ewNUhq4UHBgDD1QsvEpcMtM81ZPDiJc%2FLHgYpcrHTOXFA9PibqiHCqbzHMWJc09ZPo7roUYXlBy87wanlqkhw%2BsR67Wj0Uhl8rPCeYuBKvM%2Bz0gv4fGmMZF1SIYH9DDRStihQpM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
779d55157fffaae4-SYD
expires
Tue, 05 Dec 2023 07:05:42 GMT
795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
static.criteo.net/design/dt/ Frame E6C3 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-cbac"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
static.criteo.net/design/dt/ Frame E6C3 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-50d0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221215
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11082
x-jsd-version
1.0.1556
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4577-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-7f8qDY2VEq3Tg9Q/RU9Vxgw1xIU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErPUCPq4zskR%2F9ZbEA9EDYT%2BmvQmVuUL%2BCjnW97DZ8JvR%2BFFbwPsU7K1W4Vf8XrxzV5d%2B7tVUSUw3kJqrCaF%2BAuETmlTXHmjCYPgKbb8T0%2BxUY%2F1zaiNWA3nEfi5fCsxnPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
779d55142f30aaed-SYD
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2cd2c966af6338b7a5958ecbe2fc7a5d999b0017e5c43246c6b5c841f87c17e5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
545
alt-svc
clear
expires
Thu, 15 Dec 2022 07:05:41 GMT
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
02dc8b9c8fa11a01180574461d14510ee1870b2983b354d54fedf7b9679fb37d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 07:05:42 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8eeb7d23-f05a-4782-a845-a3d6fb328214%2C4cd30c31-a28f-4aac-9cfc-26433d0d4093%2Cd9bbd903-4b6b-447f-99b7-5cc1a782f61f&nocache=1671087941378&pubcid=349e0ec0-3b1f-4c6b-b740-ac06f0600adb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1f6ef0d6cf65bee68e3f61dc43db7dec2dea3eaffe3d6aaeabf20e3bfd254d2d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5c147e5c-72c4-4018-bad5-46f62a4c1431&nocache=1671087941379&pubcid=349e0ec0-3b1f-4c6b-b740-ac06f0600adb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=22834d5c-623f-46b1-aa42-3c22bc2026c5&nocache=1671087941379&pubcid=349e0ec0-3b1f-4c6b-b740-ac06f0600adb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d45887f7-3839-4227-a697-80021817d388&nocache=1671087941379&pubcid=349e0ec0-3b1f-4c6b-b740-ac06f0600adb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.94.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-94-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
6
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.70.238 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-70-238.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c58827b4b43db6113ff3338f984ab503a38986dee877b602eef2a0b8db3c833d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.70.238 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-70-238.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7704062461a908331af9be8ec71a91d706bc62fcadff90dd56e22043d97bd462

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.70.238 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-70-238.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e91aacfcb77dae3817ed99a51debfd864510bc21dda1fb8b17bb862f34a4764a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=349e0ec0-3b1f-4c6b-b740-ac06f0600adb%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=16762aec-b8f4-42e3-85b5-7a459b3826e0%3B3907b722-683b-4b21-aaff-0bec691b4663%3B29a0577a-ce85-4866-a0da-09e40c7dee95&l_pb_bid_id=23050f41ddb6aef%3B24b3ef4dbbd7bdb%3B257532f987a55d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.15155387324506164
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dd131543219076fa8cf62d18b67065128f8200183b9de26d0c86bc12062186f8

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7646
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 15 Dec 2022 07:05:41 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
cygnus
htlb.casalemedia.com/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223476cdb9b525e81%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224144f1aef0fc357%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22446ba49d819f963%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%224544f87c3052a43%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22349e0ec0-3b1f-4c6b-b740-ac06f0600adb%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57159be1144d675dc3817976688f9ec9350bea6a2ec7d1a401f9237ed6edf2ba

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuERs9MjxN1LD8GhT6HVEL53PG15fH2VCjUcmogOpA2Tv7HU%2FYVt2y9ER7Bk2RHomgLbMSyIkBt4eZseL5pO6lACCtw00%2B1yMgKdSZGYK%2FPMtZ0GKbsiGKtp82epgHOIPdG9aFze"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
779d55146f21a7f3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223476cdb9b525e81%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22446ba49d819f963%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%224544f87c3052a43%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22349e0ec0-3b1f-4c6b-b740-ac06f0600adb%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b27a4423817ceba69a07c53858a4df50737051508e2bf67533c8c90d233c14

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WbvdwV1Z2GJCAubwDf9d0Ua0RO3ROkDrIPf7%2BX697wKB4qz1oU8HZK9Z5WWd2TgryS6T3YGjn7T8n24nsX5WqceapXtcpru6gUY1KppYTlhcrKz6iITWw8RQzpBxthBe85mlyXQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
779d55146f22a7f3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=63965180002
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 15 Dec 2022 07:05:42 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.230.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-230-90.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:42 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		377 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
76ffec36e87452399c967970e7af8a437fe4056fb443fab10e30e8255164ee78
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:42 GMT
AN-X-Request-Uuid
4582fe24-37cd-40cf-a76a-1bf8dfa9f787
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
377
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
animejs.js
static.criteo.net/animejs/ Frame E6C3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:41 GMT
58fc60f40dd4435497330822cdf657c5_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221213/ Frame E6C3 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221213/58fc60f40dd4435497330822cdf657c5_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
29cf25c600fbcb19402374249a002f7885df857c2ecf166e23e7a3ecc59d0239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 13 Dec 2022 17:14:57 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6398b311-850d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
34061
expires
Sun, 10 Dec 2023 07:05:42 GMT
img
pix.as.criteo.net/img/ Frame E6C3 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=152&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=668&s=Plfybc99RBiiwXw0FK6zcWVJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27196916
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23355
expires
Thu, 26 Oct 2023 01:47:39 GMT
img
pix.as.criteo.net/img/ Frame E6C3 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5511698_png%2Fswarovski-power-collection-bracelet--grey-swarovski-5511698.png&v=3&w=400&s=pqHF_ihlSstmdKizYT7dBRpK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
47327ec37b83ac7e0ca8d6a6d05d6e9c88f9672f5c890d89de0962bea8c7a510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30922126
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31492
expires
Fri, 08 Dec 2023 04:34:28 GMT
img
pix.as.criteo.net/img/ Frame E6C3 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5607353_png%2Flucent-cocktail-ring--octagon-cut--blue-swarovski-5607353.png&v=3&w=400&s=00Yp72k5imgMuGumVm5IwRy2&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e5c5e32b0287f6596395e62be73ab90f1b7624ab573cd5a5f6a6f9f9686d8b99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27398791
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17118
expires
Sat, 28 Oct 2023 09:52:13 GMT
img
pix.as.criteo.net/img/ Frame E6C3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5636564_png%2Fmillenia-drop-earrings--square-cut--green--gold-tone-plated-swarovski-5636564.png&v=3&w=400&s=mXMmKDP0jlFD1n7K9mZdetuN&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b83cdc89c65c4342dbedf241ffa6cd41c6eb2fead2c6a8f829347f5ff4c337e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28786254
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12812
expires
Mon, 13 Nov 2023 11:16:36 GMT
all
csm.as.criteo.net/ Frame E6C3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=5MEumEOfcFnNxl9ywHm-i8-7HBWbugfk-OB0wlxVK1unQle1TSH3FhHAiTi6S1kegeCYsSzKkTaosi2UH3bqMQsm-EdQuDE9-YcWlBPkGCoCztKy99popLbZ8JLUF5wNeSS1a-nVKzGOa2RI9qpRoLo8e1q-7mNq280HgADoj17ftF6bgWhjUbrS-9ZoVlhLXXRlIoMGw_keEzCYsHsp2M8PHJrri99ZoY2mF6zzSMAIVeZ4rXuM0UiSUH_emyTaYEz7F7KSNHntK06n&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E6C3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E6C3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:42 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 84B5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 20:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 20:48:29 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 482C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 20:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 20:48:29 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:24:54 GMT
via
1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
JrhFAbrBfy8D4bDQ7Dvp33PY6Gu8Cd1JQw-RAlpQX2escmDunSVIvA==
L2EveGluLXNodWktamluZy1nYWktaGFvLWN1bi1taW4ta2FpLXhpbi1xaWFuZy14aS1zaG91LXhpYS1taWFvLXBlbi1jaHUteWktdGlhby1zaGUteGlhLXBhby1xdWFuLWNoYW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveGluLXNodWktamluZy1nYWktaGFvLWN1bi1taW4ta2FpLXhpbi1xaWFuZy14aS1zaG91LXhpYS1taWFvLXBlbi1jaHUteWktdGlhby1zaGUteGlhLXBhby1xdWFuLWNoYW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 15 Dec 2022 07:05:42 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=11, origin; dur=215
content-length
555
expires
Thu, 15 Dec 2022 08:05:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F168 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=1586159000669624&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame BC65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=806564886218164&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 84B5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OYPV1g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 482C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?y5DEzg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.as.criteo.net/ Frame E6C3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=5MEumEOfcFnNxl9ywHm-i8-7HBWbugfk-OB0wlxVK1unQle1TSH3FhHAiTi6S1kegeCYsSzKkTaosi2UH3bqMQsm-EdQuDE9-YcWlBPkGCoCztKy99popLbZ8JLUF5wNeSS1a-nVKzGOa2RI9qpRoLo8e1q-7mNq280HgADoj17ftF6bgWhjUbrS-9ZoVlhLXXRlIoMGw_keEzCYsHsp2M8PHJrri99ZoY2mF6zzSMAIVeZ4rXuM0UiSUH_emyTaYEz7F7KSNHntK06n&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
31b4ef2154885aa4d976136059a91be88614d6e94ed6de5b3b702d7a7542c383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78498
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 07:05:43 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.146.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-146-116.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 07:05:43 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C75 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD4xyK-CDw13HteSLAXihHD2o6ztvj6xLCVP2Lw7y18c3bH74ULfHJb4ojFtFJR-Cua_F13ANBnwL_m_wZQoDfEK_L&sig=Cg0ArKJSzMWbYdZNAKeVEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671087938899&rpt=2634&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pix.as.criteo.net/img/ Frame 5705 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5511698_png%2Fswarovski-power-collection-bracelet--grey-swarovski-5511698.png&v=3&w=400&s=pqHF_ihlSstmdKizYT7dBRpK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJHNsBc9Q0AAhSf_qyyzpu0oB2Bd6Ixw&u=%7C83Aoka2tShi7eia0IjskSjq%2Fn1%2FqIM%2FXyUgv3jb40pY%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmodZMAqzp_DnOFMHBGQSG1_eIYsCfaT8KWA98ipV-J0CHU5kznH1KaSRuZDtU0sprIrOQRQxHzS32BUezatzZeWpkzuVhVT5AvSAvIpxk4e9ItanIC_ZaKfjLjFrBICtVumD76aNnhyGQCcd5oywo5gn6nEHZ3UijFvI-i0eWBwHWmeXklsaubS5kVmuzh9PSs8yERwQKimZwKqLbZHRsUynVm7QsSplsZ2dXEQlnhij6zdNVdlWSoWk_FceKkZTaMT0-gEyOZWl18H6Dmx9ZItexr_6kXb3lCFA3_czFs7IIZEjgF9hJYTt-Bc7ONmcz7FNYM7m8IbUGU47GabH2zunIqfbP5lKqnYMgyG1n47HGq49nFEx1_PjhPDNbevklj6LC0huHLwRbnTLOaYRyvzidGIMoJnZNdZK-G-U0guO6MnJO9hoVRXjdPJSFWBjQLeuCY3qbAbytaxjdwgZQ2hjG3GyUReQHAKCTeDrqxc5mIRTeUEwYf83wvyLiDiBDiBB_lNek4au8ogjyPQFetVpjpXrXvMig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3GwdQ8eaY9u5JLSoz7sP_6ShgAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEqQJP0B4wBIaVSd4Zy2h5KfEJjN-LXODN7EIz3uHs_vv4OwaoQ42qU7xG3Eo0m8NID7LbW4qISs0nfRAq3nElSP4Fxg--80NCJsa8qEiXIvq2d7pfKdwSyKKOvonReH0-jU980r3g4dtPyIJTgWaQCJyLeQibQHsNLDzZLZ4aitNnCdKgep29slbTF3OkWut6UV-QimTBEFXq3jvZzX9bH08IclZUtofYB0e3hnSMOr86wqjjcXthC29OqxOVioQn3kbAeHOVXZyn_UweSH3hKHYtSW44JFlBvdIFcliaXHqkrTBD4kNIFSQY8jhshBQ3IMOnksv9llVeSy28fg7C_4zZyzfY6VTpDEZBx4o2bfhtVpQWWDfLp-NwF_9OS5DXZaPUyeo_o0ScRUeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mvl_7JB5KOgDVmGnKv7cdr9RL_Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
47327ec37b83ac7e0ca8d6a6d05d6e9c88f9672f5c890d89de0962bea8c7a510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30922125
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31492
expires
Fri, 08 Dec 2023 04:34:28 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aW4tc2h1aS1qaW5nLWdhaS1oYW8tY3VuLW1pbi1rYWkteGluLXFpYW5nLXhpLXNob3UteGlhLW1pYW8tcGVuLWNodS15aS10aWFvLXNoZS14aWEtcGFvLXF1YW4tY2hhbmcuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTI0ZGI2Y2IwLTU1MTMtNGM3OS04NTkyLTIyYWExNzQ5YTY2YiIsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZDIxNTYwNDgtZDczMS00YTY3LTk0MjctNTgzOTEwYTk3NDY2IiwidGltZU9mQXVjdGlvbiI6MTY3MTA4Nzk0MTM2NSwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZDIxNTYwNDgtZDczMS00YTY3LTk0MjctNTgzOTEwYTk3NDY2IiwidGltZU9mQXVjdGlvbiI6MTY3MTA4Nzk0MTM2NSwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImQyMTU2MDQ4LWQ3MzEtNGE2Ny05NDI3LTU4MzkxMGE5NzQ2NiIsInRpbWVPZkF1Y3Rpb24iOjE2NzEwODc5NDEzNjUsImJpZHMiOlt7ImNwbSI6MC4wMSwiYWRJZCI6IjgyZTU4NDgzZDI3MTMwYyIsIm9yaWdpbmFsQ3BtIjowLjAxLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjg1NSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2NzEwODc5NDIyNDZ9LHsiY3BtIjowLjA4LCJhZElkIjoiODMzNzQ0MzU1Nzk1NjgiLCJvcmlnaW5hbENwbSI6MC4wOCwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDgsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEyODksInRpbWVPZkJpZFJlY2VpdmVkIjoxNjcxMDg3OTQyNjcxfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6InJ1Ymljb24iLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6IjgzMzc0NDM1NTc5NTY4IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA4fV19&c_b=11411.10000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		121 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3968379502703943&correlator=2048060645748058&eid=31071296%2C31068367&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.08%26hb_ap_adid%3D83374435579568%26hb_ap_bidder%3Drubicon%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Df7f3e862542827c2-22cf3f270fd9003e%3AT%3D1671087940%3ART%3D1671087940%3AS%3DALNI_MYxYdOFHAUvcUrEMmJAcxe3rDs8Cg&gpic=UID%3D00000b90faef6186%3AT%3D1671087940%3ART%3D1671087940%3AS%3DALNI_MZUDewIS3bjdqj-7PWqUP8QT32Xfg&arp=1&abxe=1&dt=1671087943677&lmt=1671087943&dlt=1671087933849&idt=6838&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=440016029.1671087944&ga_sid=1671087944&ga_hid=9743&ga_fc=false&ga_cid=amp-dut39T24kJJhm5qFygioQg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
5c9e4122d3f8ea671bd06eb8426c382d8decb026b2e04993e4b9b074d26e48c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45094
x-xss-protection
0
google-lineitem-id
5221339618,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294149007,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 518E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:43 GMT
expires
Fri, 15 Dec 2023 07:05:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
img
pix.as.criteo.net/img/ Frame E6C3 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5511698_png%2Fswarovski-power-collection-bracelet--grey-swarovski-5511698.png&v=3&w=400&s=pqHF_ihlSstmdKizYT7dBRpK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHQwAJE8MAtx5VAAeYY1AduSV7pyTRXH_iGw&u=%7C83Aoka2tShhFTHnYIZdGr4nkahplsfzz1gVWZSyWBiQ%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u685Q3p3syHeAJY9w2mYWwhnyz9niHZRF64WLhVZvPhmcCTALjZa4kAyVm8bKMlKJTE96qsDFWDEGFGxVIo-cw2hsxpo4FPfCnk3aO5b095XiqIaSk4F5zJXYsCZIi2_1sRlMeI89zwlfiPEYhFHT0ixkaynPZyY-43uIShoMea1jLQxgf4J1YdHDyaCnolHU559jLuldbxW0d-2kTKg55rO9X0bEMZgB3qnkBZnd5PnQLQbt9vz7KZ5d2R1-RzJvhLFsiqcKn1hhkvWNpdhGVKeOT0XfisW34TKzxk4V0r92baUdNGCWn4hX0kdwCFG6IIGnhyonupVKTOYk72VgkmcONEEKiWh7JxCoaBGPwj9EXRVN5wdvs5fnJrKIdUIG325my3gElfRtRKOn9TOhZcsJ6_5xIWxfgtp2T-cQlnkNNKA2zOBykpZ1z6Vs4hLb0FzeHUxTzssmwC1VLz1mqncM3jeaqH46odlL1pDuD4G8YJMufmK3ZsQSlC93LR8Nn9D0dbetL9WD6M2LbTj6NBmVp-U-u83rhwMYoS4xsgUe1gc3Tdyw_G_K-7ljGna5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeGKOQ8eaY8OnJNW83LUP47CeqAqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJJB43-OQenPqgDAaoEowJP0MeeIFw_Kcmg_X99hjj37MjDUWvdBuQHGf-adXW2n2-NG1lHeId5Lgnh0L5k79sqPnn9T-Ew7A9Wh2IlpOMEdFe-xZdTJNz9rXcyzmnCfJkaNauIciHnBnK1237hC1nTd0ztsUkD2Pwys-8WrRUlos8nfPPECsTEeWd_6MNoQf0wPAla3cgjeepLO9eIezn0KLL5QndkESIIarB6AABjibSx8Ibz59jCux7yEy4QDXl2Tp_b4ZrMxr220L5jeNEHHI036IDwuZbp4E6UhHgqnHEY2tSpKGW9WQU9I3s-1hcq4ySdDO2CdezUmR9u6oXJVvOF6ySpyjRmoRQSeHuKjbpdzpZ8CW-TrazJhuWAj8wkkUy0ordst5-MKzZKa8kdIEKABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OkFUOgfwkVTcJxIRmEfIcQMh4tA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
47327ec37b83ac7e0ca8d6a6d05d6e9c88f9672f5c890d89de0962bea8c7a510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30922124
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31492
expires
Fri, 08 Dec 2023 04:34:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AB69 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
5a98a4cfb75f3530c2a07e050595b7e2727f6617a50e2c01b1302ae11d76b779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12491
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3CFB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
525863d5d48fec12eea4a44e6fefe2931e2d1bb9e1e9aa8526cfe49a592cf922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12614
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AB69 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:44 GMT
pixel;r=334008994;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html;uh=e51ed67dfb8d9...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=334008994;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-274883148-1671087941809;pbc=349e0ec0-3b1f-4c6b-b740-ac06f0600adb;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1671087944126;tzo=0;ogl=;ses=7957a452-d53c-465b-ba2d-3e4eafb9dfac
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 05F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=1586159000669624&bg=!l5SllNDNAAYgquz3AKo7ACkAdvg8WiwZui8gYd1OdjxBsV9_Mj7tDGzT6pODUhWtT7YvOsaBGSo98gIAAACSUgAAAAJoAQeZAsQmurTlAGTYySvDkfHYMIaBW2ZL6I7QcdpRGEWC7zuCy3OhiXYxfX977iERDCxI49BlUUO4qMIgeO0mT1ZN3YdJFsbST7Jk7cBGfxX9_f0tDgBc08pGYq2HwiAPVkgiWpR16WVLWm1qqQtm6KbISbmXDI9Dx0ITpt1AnvE9MxYprXIBPYknifQS00MQ3aliIKOsgkYUFeVYj1BM_l1F1D6Qn0Oiwy6DW78qY4rayvClkY0cF1g9Bt3vp250uiYauFBcJpM7eebEAKIInVVczaM3djWGDCRnTtU5wsSxR76a9IJTlHEvL4L-6V2n55I8DaciX1Da2kSjPAq4RiU7xUbyeAU38r8aVtsilGgk8khwsZupDgKy7lgIlfdllLzJJyErT1-vVTJ1RBesA-IU-s8-HIM_FzZbeORWB-QRBXSmqyKp3k0zp_H3pTeqOuPa6O7PbrB-8TJKnUFYpfSnr7OtJPP7Kp3T3V2B6kzBO7NWxSjrbDlzR4RSi1VxdEmgv7D34cNQDW4ubMGmo8shzCsLqLdcsQd2IY3RVplgtdD0pM8t_TyWS1z0eizAlRdKYuChaSvPjvcsCPv_p-BRy_LKTkRw7pJu5Rw1VShrk4hWZRYUc3bm-EkgAkYo1FtQmwoY-zU9LMAtGjgoBDbjYzQ6e2SXRlVJKH24EeSTWB6DazldOauUtVrWKUJyeU5x0fODfNKYTtlgH_MljGsRHSE9Oe7TQVfI2-TtjozbsMpXlFdF4p6jlk3ltegnNfO139IraeC3mpB1_4UJY04DVQZPM-BqfoZGspem2xjI2NDASyNXiqdk533XORmGryXndeH7ceI2m4Z0pS2dK9OVtx98N3_xOnSsZUl-NXIuVxgCdcroWnOCM3zoAKKOp9uYk3KfK9fJ2eACUxAtliMY8as_DNzRA3_GKUqohUNbJr1bbk2Wksk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5241 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=806564886218164&bg=!r6ylrOjNAAYgquz3AKo7ACkAdvg8WrG5qebNL_ni_HCz9nzhZHbtWss5r66bGggqm3d5pdAoakFmqAIAAAB_UgAAAAJoAQeZArc6ULyrKUObAOfylFdcrTGaHdLG-vWTIqApLgd0-NNqwpKVufhmWglxc1xhJxw4inolpn-NdjS_wuAT6OP7IEfPK_WFfvLMjw7Pt98s-6-wRJUAadZPWG6zwBJaZB6HL-kYYe8qR34AdE6OdeXxNqBDbUeCFs7l6k2AZW-tRQDgdYLF_hpkHTSTWEGA1641niRnWNPMeOS1O_dR95T7XDZPwO5rbTlEIB2aFN2o-NpTLH0GlApkVc3-5pYHupzAl4FUutIRzkpEE-3eDvlYfLp9KP74llWdNKQbHv_kBG8a7IKvoENmgP-QTbtQ0FsqTa1CUIaX8-zHg-OqrYPjwgUqqjSqYJd32xurqdM3FQjsXCOhIWjeaTQ1NQaWiOrCR46Es8hMH6ZzEoplesY721VYXui1pmVhssRmQUDGAi0XCaEasiPTL3KhewqdA5sBGXYjWyuMayKTmqPjBwYYF7y1Xn3Z8kYUVRDfSDveGqDnR9PEeyznQ75qtNL9y2zPKwohK2mr0DyrPYSdPP_qbOmwG2zB0B94oWC-OVi6mkDfM6HLEUV0lFNLyo9y8Ug7nJKHRvuxBP5ttdxJMixDKuzJi2wp3ftlwTeAEbN1D-JXBzItNJj23oUH0ptuxdBLq6V_FK67qao45NNXyzWE8Y6yByVSI7H0sTYFJQRJD6Ly8JUe3UlSoClzjtZ_JE-LdwMUHm4TkO0hM6f9oMMiVbdGqceuv3pkreBlpQBnqxGrHEwJ2rz7hxsTUxlWhjLwYG2nWmsT6C9cbPuia7Za9OaWHU8HSQ3zSGV1biKK9EsjSUiAeZd11XTyvov4hwwTcx_xVhDlghvaL0SQDjPjty80mRzYNdN2sZsmF6f4SaVoUeKBErO_ru40qFmCyvP-5kGvB8bOqLb3mbq1TcLGcBb7-1NRsil-4g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3CFB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:44 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 07:05:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 02F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYAT58xSh7BKYU3BmQLg3cS4suNIQb2Y-UZAQjXFKjAKKcAqxyHfluyo9W9PZBSfvDQZKZ2ycUPiayKmcs1vMwUhacKzqu8QPLE_Je9N8GgzY655gWlJn-QC025g9NC7sewEdKJYlsU4KGHegLxD0K3neZ5BgrwIGDR7gMCasogH-jgaJQNjBkonxPIUqM8Y8_fqQWCwxyc_BsyrZAWe91PDXi5V-Me179IwLWMhrvsOU0KdGAVFHdtHUvDf-zQAZGQ-pRIOCcZOkwtKWbmTSeXQKWek4EI1I_jklYifZ9LIjg8-IzNo8M6FMt&sai=AMfl-YRfaWU_vLE9EUr27NBgZhX3wT95RrJGux9-thV2atL7h3xWyaW2Xvm4q76P1AsnZUsmFAzodWm18_zCPIVFGWgYtyXfv7zxktutechPNxqXUSUxbJIAunqskxMdhx9u5A&sig=Cg0ArKJSzGu8xD6-TJ_uEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 31EF 		663 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARj6idzZATAB&v=APEucNVQnd5dqhlvbDX3WT2L39NAQvaooFUASWpGyM-JgkLFy3ylvfz_JYObmE9aHgMFXJ31R2O0Rg6laTvI0TwrxxVxnjYZRw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:44 GMT
expires
Thu, 15 Dec 2022 07:05:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 02F3 		68 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHBa3-iUL985WlV-5LC_CNZWi43mAHIxSmxAv7rAnfC6g0DG_FLhmnayb-gxZuRS4oMXN4yZ3su5O0wtSaN39rVVZVAA3FiCB-XvhgLaOZQDv19lXoAJFR1phyKPgRLEvZZ-V2GfCAniS6XYsiG6zyUZCi2NjcOrmWCG-z1EH73WdiSOE&cry=1&dbm_d=AKAmf-C9uGhxKQHqHv3xc2bP9X9HHYaeYfwwbxNUyi5C1gmwMJcTgLZUxym6QgXBmVAvHfKVzlQP6HENeXv-Drz4WllWQRdNRRa8ooiksfnDMtW8x8dkxK7gEico6m_Pidj5lKM2jM9SsmR82HaDP4JRWE3R3AvaOW46BiHuLPdYhNvyySaqqOuFT0pLtvnheHB8Q9uHtFkUe9bETgA0H3WN-sc1cTyCMCiFKrJO-PGvdvG8EoDMTJAjpQoobMgkw6wQ9-xAkzX6MCBeEn2IYCXVemiYlm-WyeW1apyoP2RPKAZUXDAQyVVTvTw-5gKJ2xHQkGsxmToCqmz6gw5Q-Olfp1WUFmicHZk1cM4pcxMw0gJDQ3Is7PkBSHoOUOK3ivjDZ25_ZKoV4dIYWW9fnKbVOw8K9Zt4GeKGdYRAkKsArPdFpfzh0KCIRFDlHijtcE-KUQLo1EIZ6x_Jqo2mvT8qPlpK-GnT1FACxM9_MMymZp2faq8ilRe_fTfv0uzeJ_3Md0EjMfCVvCfRibrdcrQIzeUnODNA3tAMUqin1zgE-j6sDg9iVmHReibiS4gB1jBMG5NGOfqu2A61sc4ij1dElBvXDRGOslbICQvVevQoukPcTUoMV_SSBNH1RmfVy_v8nGDR0USUTjK9c9dqJEzfso9GSIbajkvYog3_bEUqZwv3bPnrKyq6-yQxX3btLjpxkquNXA0vmAouuRqhNb0Kqsn__rV7Lkgd-IQLBcFen0Z6ChC6HkTReY108LQpWtCyAtMrXzHUb0R5x09VDdniXJ58fYZkt9tVrg_kCd5m6PkLFnnd8etQYSi9FoAFsbFBKKpx0ppWZ9Bq_VZDtvlsStVbcjRtf7t0HPZ92c2dIGmUYGcXdLXPg_fWPd_T-wjohx7gnwl3D0T-78Eza38oc_YoZecbsK9pyxu4iZsQ_tppF7AyspqDlAFVGfPwTQ1PBxbstqCexzEzU57sR0tvDzLE7AKRtBNHNM7muxzO5XU4TLh8YVw70NJWpnpazH5uu1eiNtlH9UBMALVE8RcqGOSSuCX7YPeZHsbfxmaTiXqvqasIeh8YA2jd8_V3EkxLYsXaRVmSw-3sqtKB-QM4D7UC7zDfHPff5tp15MPUT_7xzCNMCciRF85kUpqKzN3mBefdU9uhEKzJEoTRQeDAb7lhEsr0cUGUJB0jxNHVA1xYaOtPHXQf0rLUbqVsOI1Y62wqq7BFI57itCrJeTGwF6GmLPjNkb3h5NIxTHKXHBpdGrB837w8CFeXPLwpcciGslqM_8RnIzmH_i-EA56IhcMYiVg7yia_S_ol0folhwQuDsH5MPN8iJGv-Xek1_9AgoutAkuv5Io6ZI0Y2VP0Ujc8ecq-RjuYZLCWi-3DPS226qINxRG5ZMs3aoyt31_bTlSA-DeelcFRyqJy3Ih6QlqW8OqldjRpZlrSiKqn-Q7ROiyu2ZlanHxe32DC_Qxur97EwS6PmQRXVjucu8FfzYZFnocQc46koaYb_8FWfOv5722Vsi33xKdHAlVdJZju_MW0Ph0ongBsJIfi2333kEcyNOOPFPncaTsUvUIdrmJERm-BVyFzKY8Kr4v9r4IJ0okyOiPKRTj6BqJyls21W1u3wWw0ZhkPIwmv9AtXUQf0-VV5ZecsljhiaD1L1BMCyMEVOokjYwgP5AQLgWBjN0ETkKG24pxycelBaeyZ1SXFllhWAI4V6yBnxLMHB__uQKnnMMlqliVksQcE8qz04rb1gfVRXMv7vhZrvmrXbIPLvmEhr1Y27ETjL0NXZNximWeerakaNcUlGTsXia8vSCOZhZSEGn0aC0WzOp_iMpgbUSVR5QEcrIx2Qa_8SwT_BPshyMqFgVCs78eyZinjpolhn_L3cwf4IwyWUO0OixmYvoeb4GQYPn9SUL0vefK6gYX-uKYxzpcgyC5qUEKVGg_0WJegopC3RXdyqY-O2OkjqU-ywBoRxzlB6bo8YPxOstXcUJVDYyj4m38hCO5FEF_wvk7fJnzb0hm5wII4mtmqcLzjmw5504macfyB01vqe14E9I0RpZEiAyUZb-mSEI5696ipqZ-93ETqWwTwRyGhFnQB_lAsgjAGzNnNzbjWP_m4lM06uhdyqCN7UmECXZWNG_OsKcwJHlipy3aAPBq2R8qpWFvsRARGHQwCkpPWiQvnpvaM1GCPAu5AO0_BaxzpoGWLk2sSSDsq5cDFLOLtyAiCN4Fc7enqU4dOgl87rYd6Fb6Xb2AmN2GLXMVT4n8S1MaHiLkOARKZNK721_rLokwb9YPmGwH1qYOFbkAngsBv8mpD81HyhYOp-QYVFKqrxrY-Yfu9T8xxFpPf15TohcPnbCqyQqWr7NRwWlsbEq8cTvrqyOwKbN3swM96gJdFv7juu5vjp2mMdNhAbnYNHQ9JKU8ogM6XQpKvGCDVmtnkRvRDnQrAgFzet7PRzBnR_yrjDSQhslpiA3lWGCFsk6KUs2zL1sqiCBJiCi5aEiXpyVOwKJm792d32Yph-iWOZkAaPJFn2dtdmW9Km-x0jzMMTM0Mi3IMAm7DgFkNIk8FI1tmsv1NxszFLALEWtP3jhya2ImS-3teJ-lLk_011BbAqw-d0L34FCPQMx6VZvuhlgdtRNZ70DlkqGhXUVX5Oc2Kz7yC34Qbw3hGtgrLkq0KsxNQp7IRoTJz-6Ur04-ewhxUoxwu6NrWsPpUldyKII1kKgn9I_ZwXl22KLBwV70O8ClMpazWLlTndpqxMglaxXA1FAvS2OuOgoEbBB7D3lXkh5Nm4b6nB9OU7Dboe-X49hONC1OBkHXsIR07UB0rWzqTfCCV6_NvrLa5ZpEf6fREuMn9p3M2fWiyYGxb_a8hn2crEPJE-BnpB4IdlX1zq1gTn1pOneXo0HNw4ZtOv1EySgNh1afjoO8Un__J_i9-1b_Bib-fO4tLTxALCBa2O1KE4Dk-tTXP3c0eSzgU47yUiCC0xT84BX4Ru5dRyKVnOEoiO1z8bbajEDfT-sjDNL-BWKsGAtqVTTe7ihCmVZmzv-GWoFOJQy02JNHICt5PIXph4H_nZjftaANlasvG0D_jef0gQephBWXikbKbHtn1r_ZlnO3Z6DD5MYJMlMcm9Aqx1UM50ltMlkZnxxjDjJFNoK4DnUfrVN3igVGRlGgGosZkdCfLCYGBtjduKv-YEdU79YXDqHKK1HWYSRnaYo9zjv2ipPKMlXkqr_AmWyr31eRe0GDW1MsmglzWYkOATMOe77L3AxyzwFNE3aUVqI-nagrYH7t8G-Gni8lABIaNp53UXGRZVnoquh7MuC7PQRCjRNXaderbPDjdIQAOtYQIpQR_jy0CjwJQbuDItjXhys4DEMh-xSGFpvQwK09CjF-lJ__tPuO7mJoaE8Nr089s&pr=8:62A8D3AAF8B8545E&cid=CAQSGwDq26N9YxPK2NBEq0QaLh2xBQmZxnjZ-4dNrhgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252Fa%252Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
1d549040ec3ae9d0c519f2057c434108ad2cb14f26309351f259a1f9b9f6b26b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33399
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 02F3 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BB-zc4t5PTPrUsw_sHkKEZwQDtgaTVN_1dwxxo_Ucc36uEaPR_u1Ogenb5T_tQ3sEAt02hpJOC37fyvfhuOIxgIsbbZ8Xv-LqTMFD4hdEj97Q74ss
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
278f4153-4816-406d-9d5a-27c855056046
beacon-sin1.rubiconproject.com/beacon/d/ Frame 02F3 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-sin1.rubiconproject.com/beacon/d/278f4153-4816-406d-9d5a-27c855056046?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=15&e=6A1E40E384DA563B79F6F9BC863057514C84DF7B7703A50913593E372661051F6CAE10BFFB73A6A305B6271FDD6D1E48E89953EE89FBF3C15DAFE3E3A64A497ABEE690260A6444819D433DB3EBF167A6C587653163F411A0BCF8C66E47AA468851D120972CBCAE1D1046EDD23FC1AA19544D02D0E98EE21AAEDD776A95A41FC51DA768EB4EC3163EC282390856B148EC37FBA13D66EB619B0A5119BB68504FECD348BEB6DA4F3B9DC6432A7DE8A188549440E47133CF9093CDA10306204D320B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.67 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02F3 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:45 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aW4tc2h1aS1qaW5nLWdhaS1oYW8tY3VuLW1pbi1rYWkteGluLXFpYW5nLXhpLXNob3UteGlhLW1pYW8tcGVuLWNodS15aS10aWFvLXNoZS14aWEtcGFvLXF1YW4tY2hhbmcuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTI0ZGI2Y2IwLTU1MTMtNGM3OS04NTkyLTIyYWExNzQ5YTY2YiIsImJpZHMiOlt7ImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA4LCJyZXNwb25zZVRpbWUiOjEyODksIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InJ1Ymljb24iLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDA4LCJ3aW5uZXJBZFVuaXRJZCI6IjgzMzc0NDM1NTc5NTY4IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6ImQyMTU2MDQ4LWQ3MzEtNGE2Ny05NDI3LTU4MzkxMGE5NzQ2NiIsImhlYWRlckJpZGRpbmdUeXBlIjoxfQ%3D%3D&c_b=12216.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
container.html
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B0C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:43 GMT
expires
Fri, 15 Dec 2023 07:05:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A2F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:43 GMT
expires
Fri, 15 Dec 2023 07:05:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=9743&cid=440016029.1671087944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671087944&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&dt=%E6%96%B0%E6%B0%B4%E4%BA%95%E8%93%8B%E5%A5%BD%E3%80%80%E6%9D%91%E6%B0%91%E9%96%8B%E5%BF%83%E6%90%B6%E6%B4%97%E6%89%8B%EF%BC%81%E4%B8%8B%E7%A7%92%E3%80%8C%E5%99%B4%E5%87%BA%E4%B8%80%E6%A2%9D%E8%9B%87%E3%80%8D%E5%9A%87%E8%B7%91%E5%85%A8%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 69FE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
144861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 14:51:23 GMT
expires
Wed, 13 Dec 2023 14:51:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BFE8 		783 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
d3392ce539ddbd8855a6a7838153f3aeac1782965e0dc1d53da47fda0e208943
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kLloiTVeTfz3vU8dTaYEsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-kLloiTVeTfz3vU8dTaYEsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:45 GMT
expires
Thu, 15 Dec 2022 07:05:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63CA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
144861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 14:51:23 GMT
expires
Wed, 13 Dec 2023 14:51:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4872 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
1f007391497b9a19315d4e2f1a5a039e7a1762b23a820fd11275cb0fe2cabcf8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-332DMWf6gFmvIAH936OYRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-332DMWf6gFmvIAH936OYRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:45 GMT
expires
Thu, 15 Dec 2022 07:05:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 07:05:44 GMT
cs
cs.lkqd.net/ Frame 31EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEIRjSbTW6gZz0YmTWih1UNU&google_cver=1
43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEIRjSbTW6gZz0YmTWih1UNU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARj6idzZATAB&v=APEucNVQnd5dqhlvbDX3WT2L39NAQvaooFUASWpGyM-JgkLFy3ylvfz_JYObmE9aHgMFXJ31R2O0Rg6laTvI0TwrxxVxnjYZRw
Protocol
H2
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEIRjSbTW6gZz0YmTWih1UNU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31EF
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=VWFhWkZ6ZWZ0NTQ
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=VWFhWkZ6ZWZ0NTQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARj6idzZATAB&v=APEucNVQnd5dqhlvbDX3WT2L39NAQvaooFUASWpGyM-JgkLFy3ylvfz_JYObmE9aHgMFXJ31R2O0Rg6laTvI0TwrxxVxnjYZRw
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 07:05:45 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=VWFhWkZ6ZWZ0NTQ
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 31EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARj6idzZATAB&v=APEucNVQnd5dqhlvbDX3WT2L39NAQvaooFUASWpGyM-JgkLFy3ylvfz_JYObmE9aHgMFXJ31R2O0Rg6laTvI0TwrxxVxnjYZRw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 31EF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5rHSUMzl1.s3Nvtd.FBJwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARj6idzZATAB&v=APEucNVQnd5dqhlvbDX3WT2L39NAQvaooFUASWpGyM-JgkLFy3ylvfz_JYObmE9aHgMFXJ31R2O0Rg6laTvI0TwrxxVxnjYZRw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENix4zOhqfkHEObsA1U9yzU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 69FE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 20:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 20:48:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 02F3 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHBa3-iUL985WlV-5LC_CNZWi43mAHIxSmxAv7rAnfC6g0DG_FLhmnayb-gxZuRS4oMXN4yZ3su5O0wtSaN39rVVZVAA3FiCB-XvhgLaOZQDv19lXoAJFR1phyKPgRLEvZZ-V2GfCAniS6XYsiG6zyUZCi2NjcOrmWCG-z1EH73WdiSOE&cry=1&dbm_d=AKAmf-C9uGhxKQHqHv3xc2bP9X9HHYaeYfwwbxNUyi5C1gmwMJcTgLZUxym6QgXBmVAvHfKVzlQP6HENeXv-Drz4WllWQRdNRRa8ooiksfnDMtW8x8dkxK7gEico6m_Pidj5lKM2jM9SsmR82HaDP4JRWE3R3AvaOW46BiHuLPdYhNvyySaqqOuFT0pLtvnheHB8Q9uHtFkUe9bETgA0H3WN-sc1cTyCMCiFKrJO-PGvdvG8EoDMTJAjpQoobMgkw6wQ9-xAkzX6MCBeEn2IYCXVemiYlm-WyeW1apyoP2RPKAZUXDAQyVVTvTw-5gKJ2xHQkGsxmToCqmz6gw5Q-Olfp1WUFmicHZk1cM4pcxMw0gJDQ3Is7PkBSHoOUOK3ivjDZ25_ZKoV4dIYWW9fnKbVOw8K9Zt4GeKGdYRAkKsArPdFpfzh0KCIRFDlHijtcE-KUQLo1EIZ6x_Jqo2mvT8qPlpK-GnT1FACxM9_MMymZp2faq8ilRe_fTfv0uzeJ_3Md0EjMfCVvCfRibrdcrQIzeUnODNA3tAMUqin1zgE-j6sDg9iVmHReibiS4gB1jBMG5NGOfqu2A61sc4ij1dElBvXDRGOslbICQvVevQoukPcTUoMV_SSBNH1RmfVy_v8nGDR0USUTjK9c9dqJEzfso9GSIbajkvYog3_bEUqZwv3bPnrKyq6-yQxX3btLjpxkquNXA0vmAouuRqhNb0Kqsn__rV7Lkgd-IQLBcFen0Z6ChC6HkTReY108LQpWtCyAtMrXzHUb0R5x09VDdniXJ58fYZkt9tVrg_kCd5m6PkLFnnd8etQYSi9FoAFsbFBKKpx0ppWZ9Bq_VZDtvlsStVbcjRtf7t0HPZ92c2dIGmUYGcXdLXPg_fWPd_T-wjohx7gnwl3D0T-78Eza38oc_YoZecbsK9pyxu4iZsQ_tppF7AyspqDlAFVGfPwTQ1PBxbstqCexzEzU57sR0tvDzLE7AKRtBNHNM7muxzO5XU4TLh8YVw70NJWpnpazH5uu1eiNtlH9UBMALVE8RcqGOSSuCX7YPeZHsbfxmaTiXqvqasIeh8YA2jd8_V3EkxLYsXaRVmSw-3sqtKB-QM4D7UC7zDfHPff5tp15MPUT_7xzCNMCciRF85kUpqKzN3mBefdU9uhEKzJEoTRQeDAb7lhEsr0cUGUJB0jxNHVA1xYaOtPHXQf0rLUbqVsOI1Y62wqq7BFI57itCrJeTGwF6GmLPjNkb3h5NIxTHKXHBpdGrB837w8CFeXPLwpcciGslqM_8RnIzmH_i-EA56IhcMYiVg7yia_S_ol0folhwQuDsH5MPN8iJGv-Xek1_9AgoutAkuv5Io6ZI0Y2VP0Ujc8ecq-RjuYZLCWi-3DPS226qINxRG5ZMs3aoyt31_bTlSA-DeelcFRyqJy3Ih6QlqW8OqldjRpZlrSiKqn-Q7ROiyu2ZlanHxe32DC_Qxur97EwS6PmQRXVjucu8FfzYZFnocQc46koaYb_8FWfOv5722Vsi33xKdHAlVdJZju_MW0Ph0ongBsJIfi2333kEcyNOOPFPncaTsUvUIdrmJERm-BVyFzKY8Kr4v9r4IJ0okyOiPKRTj6BqJyls21W1u3wWw0ZhkPIwmv9AtXUQf0-VV5ZecsljhiaD1L1BMCyMEVOokjYwgP5AQLgWBjN0ETkKG24pxycelBaeyZ1SXFllhWAI4V6yBnxLMHB__uQKnnMMlqliVksQcE8qz04rb1gfVRXMv7vhZrvmrXbIPLvmEhr1Y27ETjL0NXZNximWeerakaNcUlGTsXia8vSCOZhZSEGn0aC0WzOp_iMpgbUSVR5QEcrIx2Qa_8SwT_BPshyMqFgVCs78eyZinjpolhn_L3cwf4IwyWUO0OixmYvoeb4GQYPn9SUL0vefK6gYX-uKYxzpcgyC5qUEKVGg_0WJegopC3RXdyqY-O2OkjqU-ywBoRxzlB6bo8YPxOstXcUJVDYyj4m38hCO5FEF_wvk7fJnzb0hm5wII4mtmqcLzjmw5504macfyB01vqe14E9I0RpZEiAyUZb-mSEI5696ipqZ-93ETqWwTwRyGhFnQB_lAsgjAGzNnNzbjWP_m4lM06uhdyqCN7UmECXZWNG_OsKcwJHlipy3aAPBq2R8qpWFvsRARGHQwCkpPWiQvnpvaM1GCPAu5AO0_BaxzpoGWLk2sSSDsq5cDFLOLtyAiCN4Fc7enqU4dOgl87rYd6Fb6Xb2AmN2GLXMVT4n8S1MaHiLkOARKZNK721_rLokwb9YPmGwH1qYOFbkAngsBv8mpD81HyhYOp-QYVFKqrxrY-Yfu9T8xxFpPf15TohcPnbCqyQqWr7NRwWlsbEq8cTvrqyOwKbN3swM96gJdFv7juu5vjp2mMdNhAbnYNHQ9JKU8ogM6XQpKvGCDVmtnkRvRDnQrAgFzet7PRzBnR_yrjDSQhslpiA3lWGCFsk6KUs2zL1sqiCBJiCi5aEiXpyVOwKJm792d32Yph-iWOZkAaPJFn2dtdmW9Km-x0jzMMTM0Mi3IMAm7DgFkNIk8FI1tmsv1NxszFLALEWtP3jhya2ImS-3teJ-lLk_011BbAqw-d0L34FCPQMx6VZvuhlgdtRNZ70DlkqGhXUVX5Oc2Kz7yC34Qbw3hGtgrLkq0KsxNQp7IRoTJz-6Ur04-ewhxUoxwu6NrWsPpUldyKII1kKgn9I_ZwXl22KLBwV70O8ClMpazWLlTndpqxMglaxXA1FAvS2OuOgoEbBB7D3lXkh5Nm4b6nB9OU7Dboe-X49hONC1OBkHXsIR07UB0rWzqTfCCV6_NvrLa5ZpEf6fREuMn9p3M2fWiyYGxb_a8hn2crEPJE-BnpB4IdlX1zq1gTn1pOneXo0HNw4ZtOv1EySgNh1afjoO8Un__J_i9-1b_Bib-fO4tLTxALCBa2O1KE4Dk-tTXP3c0eSzgU47yUiCC0xT84BX4Ru5dRyKVnOEoiO1z8bbajEDfT-sjDNL-BWKsGAtqVTTe7ihCmVZmzv-GWoFOJQy02JNHICt5PIXph4H_nZjftaANlasvG0D_jef0gQephBWXikbKbHtn1r_ZlnO3Z6DD5MYJMlMcm9Aqx1UM50ltMlkZnxxjDjJFNoK4DnUfrVN3igVGRlGgGosZkdCfLCYGBtjduKv-YEdU79YXDqHKK1HWYSRnaYo9zjv2ipPKMlXkqr_AmWyr31eRe0GDW1MsmglzWYkOATMOe77L3AxyzwFNE3aUVqI-nagrYH7t8G-Gni8lABIaNp53UXGRZVnoquh7MuC7PQRCjRNXaderbPDjdIQAOtYQIpQR_jy0CjwJQbuDItjXhys4DEMh-xSGFpvQwK09CjF-lJ__tPuO7mJoaE8Nr089s&pr=8:62A8D3AAF8B8545E&cid=CAQSGwDq26N9YxPK2NBEq0QaLh2xBQmZxnjZ-4dNrhgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252Fa%252Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 04:15:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
10244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 04:15:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 02F3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHBa3-iUL985WlV-5LC_CNZWi43mAHIxSmxAv7rAnfC6g0DG_FLhmnayb-gxZuRS4oMXN4yZ3su5O0wtSaN39rVVZVAA3FiCB-XvhgLaOZQDv19lXoAJFR1phyKPgRLEvZZ-V2GfCAniS6XYsiG6zyUZCi2NjcOrmWCG-z1EH73WdiSOE&cry=1&dbm_d=AKAmf-C9uGhxKQHqHv3xc2bP9X9HHYaeYfwwbxNUyi5C1gmwMJcTgLZUxym6QgXBmVAvHfKVzlQP6HENeXv-Drz4WllWQRdNRRa8ooiksfnDMtW8x8dkxK7gEico6m_Pidj5lKM2jM9SsmR82HaDP4JRWE3R3AvaOW46BiHuLPdYhNvyySaqqOuFT0pLtvnheHB8Q9uHtFkUe9bETgA0H3WN-sc1cTyCMCiFKrJO-PGvdvG8EoDMTJAjpQoobMgkw6wQ9-xAkzX6MCBeEn2IYCXVemiYlm-WyeW1apyoP2RPKAZUXDAQyVVTvTw-5gKJ2xHQkGsxmToCqmz6gw5Q-Olfp1WUFmicHZk1cM4pcxMw0gJDQ3Is7PkBSHoOUOK3ivjDZ25_ZKoV4dIYWW9fnKbVOw8K9Zt4GeKGdYRAkKsArPdFpfzh0KCIRFDlHijtcE-KUQLo1EIZ6x_Jqo2mvT8qPlpK-GnT1FACxM9_MMymZp2faq8ilRe_fTfv0uzeJ_3Md0EjMfCVvCfRibrdcrQIzeUnODNA3tAMUqin1zgE-j6sDg9iVmHReibiS4gB1jBMG5NGOfqu2A61sc4ij1dElBvXDRGOslbICQvVevQoukPcTUoMV_SSBNH1RmfVy_v8nGDR0USUTjK9c9dqJEzfso9GSIbajkvYog3_bEUqZwv3bPnrKyq6-yQxX3btLjpxkquNXA0vmAouuRqhNb0Kqsn__rV7Lkgd-IQLBcFen0Z6ChC6HkTReY108LQpWtCyAtMrXzHUb0R5x09VDdniXJ58fYZkt9tVrg_kCd5m6PkLFnnd8etQYSi9FoAFsbFBKKpx0ppWZ9Bq_VZDtvlsStVbcjRtf7t0HPZ92c2dIGmUYGcXdLXPg_fWPd_T-wjohx7gnwl3D0T-78Eza38oc_YoZecbsK9pyxu4iZsQ_tppF7AyspqDlAFVGfPwTQ1PBxbstqCexzEzU57sR0tvDzLE7AKRtBNHNM7muxzO5XU4TLh8YVw70NJWpnpazH5uu1eiNtlH9UBMALVE8RcqGOSSuCX7YPeZHsbfxmaTiXqvqasIeh8YA2jd8_V3EkxLYsXaRVmSw-3sqtKB-QM4D7UC7zDfHPff5tp15MPUT_7xzCNMCciRF85kUpqKzN3mBefdU9uhEKzJEoTRQeDAb7lhEsr0cUGUJB0jxNHVA1xYaOtPHXQf0rLUbqVsOI1Y62wqq7BFI57itCrJeTGwF6GmLPjNkb3h5NIxTHKXHBpdGrB837w8CFeXPLwpcciGslqM_8RnIzmH_i-EA56IhcMYiVg7yia_S_ol0folhwQuDsH5MPN8iJGv-Xek1_9AgoutAkuv5Io6ZI0Y2VP0Ujc8ecq-RjuYZLCWi-3DPS226qINxRG5ZMs3aoyt31_bTlSA-DeelcFRyqJy3Ih6QlqW8OqldjRpZlrSiKqn-Q7ROiyu2ZlanHxe32DC_Qxur97EwS6PmQRXVjucu8FfzYZFnocQc46koaYb_8FWfOv5722Vsi33xKdHAlVdJZju_MW0Ph0ongBsJIfi2333kEcyNOOPFPncaTsUvUIdrmJERm-BVyFzKY8Kr4v9r4IJ0okyOiPKRTj6BqJyls21W1u3wWw0ZhkPIwmv9AtXUQf0-VV5ZecsljhiaD1L1BMCyMEVOokjYwgP5AQLgWBjN0ETkKG24pxycelBaeyZ1SXFllhWAI4V6yBnxLMHB__uQKnnMMlqliVksQcE8qz04rb1gfVRXMv7vhZrvmrXbIPLvmEhr1Y27ETjL0NXZNximWeerakaNcUlGTsXia8vSCOZhZSEGn0aC0WzOp_iMpgbUSVR5QEcrIx2Qa_8SwT_BPshyMqFgVCs78eyZinjpolhn_L3cwf4IwyWUO0OixmYvoeb4GQYPn9SUL0vefK6gYX-uKYxzpcgyC5qUEKVGg_0WJegopC3RXdyqY-O2OkjqU-ywBoRxzlB6bo8YPxOstXcUJVDYyj4m38hCO5FEF_wvk7fJnzb0hm5wII4mtmqcLzjmw5504macfyB01vqe14E9I0RpZEiAyUZb-mSEI5696ipqZ-93ETqWwTwRyGhFnQB_lAsgjAGzNnNzbjWP_m4lM06uhdyqCN7UmECXZWNG_OsKcwJHlipy3aAPBq2R8qpWFvsRARGHQwCkpPWiQvnpvaM1GCPAu5AO0_BaxzpoGWLk2sSSDsq5cDFLOLtyAiCN4Fc7enqU4dOgl87rYd6Fb6Xb2AmN2GLXMVT4n8S1MaHiLkOARKZNK721_rLokwb9YPmGwH1qYOFbkAngsBv8mpD81HyhYOp-QYVFKqrxrY-Yfu9T8xxFpPf15TohcPnbCqyQqWr7NRwWlsbEq8cTvrqyOwKbN3swM96gJdFv7juu5vjp2mMdNhAbnYNHQ9JKU8ogM6XQpKvGCDVmtnkRvRDnQrAgFzet7PRzBnR_yrjDSQhslpiA3lWGCFsk6KUs2zL1sqiCBJiCi5aEiXpyVOwKJm792d32Yph-iWOZkAaPJFn2dtdmW9Km-x0jzMMTM0Mi3IMAm7DgFkNIk8FI1tmsv1NxszFLALEWtP3jhya2ImS-3teJ-lLk_011BbAqw-d0L34FCPQMx6VZvuhlgdtRNZ70DlkqGhXUVX5Oc2Kz7yC34Qbw3hGtgrLkq0KsxNQp7IRoTJz-6Ur04-ewhxUoxwu6NrWsPpUldyKII1kKgn9I_ZwXl22KLBwV70O8ClMpazWLlTndpqxMglaxXA1FAvS2OuOgoEbBB7D3lXkh5Nm4b6nB9OU7Dboe-X49hONC1OBkHXsIR07UB0rWzqTfCCV6_NvrLa5ZpEf6fREuMn9p3M2fWiyYGxb_a8hn2crEPJE-BnpB4IdlX1zq1gTn1pOneXo0HNw4ZtOv1EySgNh1afjoO8Un__J_i9-1b_Bib-fO4tLTxALCBa2O1KE4Dk-tTXP3c0eSzgU47yUiCC0xT84BX4Ru5dRyKVnOEoiO1z8bbajEDfT-sjDNL-BWKsGAtqVTTe7ihCmVZmzv-GWoFOJQy02JNHICt5PIXph4H_nZjftaANlasvG0D_jef0gQephBWXikbKbHtn1r_ZlnO3Z6DD5MYJMlMcm9Aqx1UM50ltMlkZnxxjDjJFNoK4DnUfrVN3igVGRlGgGosZkdCfLCYGBtjduKv-YEdU79YXDqHKK1HWYSRnaYo9zjv2ipPKMlXkqr_AmWyr31eRe0GDW1MsmglzWYkOATMOe77L3AxyzwFNE3aUVqI-nagrYH7t8G-Gni8lABIaNp53UXGRZVnoquh7MuC7PQRCjRNXaderbPDjdIQAOtYQIpQR_jy0CjwJQbuDItjXhys4DEMh-xSGFpvQwK09CjF-lJ__tPuO7mJoaE8Nr089s&pr=8:62A8D3AAF8B8545E&cid=CAQSGwDq26N9YxPK2NBEq0QaLh2xBQmZxnjZ-4dNrhgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252Fa%252Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:43:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
66153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 12:43:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 02F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXXKv8iajhsusQKR2lHo7LhWA5bRVhI01LxvX1qTD-DmW60q7wDF6hG4NL7dIGcrcZL4PEp0ChcWbxoBy5i6sQ84XzzdOrRLBd4AgWGmLEgTMlayPxhJLKDrRK6npG4_QXDrA44kf2AWKlytwL_ge1ZjuwZJKWM5czcwiKX0Xbiqo59NBxnohHuwn_bqUnw4dY3bgfVFMcVTmh7IbN5CuJdIpyFOFA-LbgrTKebMGVmPUPhJajOkWrgoesvrkiv5DAMYwPkAK1_H1ZlLa3803IidiGWgFoXbsuhlvYC2YgUWkJ0otmgF0Ogx4QIeRWySWPiNI4kvb2gDpOnYgHMhDf9CEYDN5sQoBc-yW_uwwRw1z_V0RzmIeZEVN5-hGv8NwPngN42cELUc9CM3W3-x5rJRp2Sj2leZ4otkmJpzGKxPjuAiviyw4QG9tlwkmU_6SwolNi8Rr1-up4r8wZqE5Yrl10XFfHM6d7nbqHB8_kBtEXLM_sLmnMKdnYbUEUB3HEsaj1jwoMaBkbObaQxMvvZxCNQ7jHpizoo9bZLA2Hmc3r79t_m1_2p8gyzPkCYQJmGAdXsqnW_7QDzbQrp6Nk7XyiS_10UudVW8pto9hNmQs4kHXeV-PCebq21vamJu2N53ftor-gq916hYhKrUfmSZcZEm_gCyTM3vL1ITBfjxCMOcHwzsswNfTbigM5tKdbalmUn_gSbEg26uh21kuVThfB-Nf0NeVUqV2kLUWANbtogyKWXjNQCvf97DHQb5GYLywro-r7NiyI_Qf-JyloTP9vXAy1Gsp9_8PKX7ErbsitoopxAEpT9-oxai_s5Q5wLbBoJmdJQd_0GFyJJdhuJ2MdkHAvgwkgYsSP_89C1lVV4h0OyragTJMYoV8FN8oNjbAD6qOsmSLxjLGaTdOxg3DkZVj4pbiOQCNmdjhvf8lA9NN9X7GRdf3-obxO2_Atj-ITft7rBC2DFH27FnoKYuiA7qGY6RQb2zePIVqDq2bZfeiyXFJE_VGf3S8wLhTyHRWDX1BJHlymSneZlo72H9zK62eHlg4fkK8AJcElg9M0ZgHnF2tbIaWZAwyLeCyMaBQQBkBC0sMxXAAFBrpkBshSXYmpAB5nEkIO_d-0imMy478yZS-yk-QOclQ&sai=AMfl-YShPU7HDNf_qQTnkIgHhWhZAKKRT_MlSScci1CZJ2wdI1pbT5OSGRcJc-XtoZwbxGl3MxpTgsD1wHboGyMsbb9XYtn6-v0F2V0nFOUnUsY5nH3rBABvyyk4LT2_7Ew2GxbbhRR1BTwhXT3C_14oy5wsYu3FsGr94a2feZe3qgQg3EWCPBKS66Q6cA&sig=Cg0ArKJSzK_MGFrv_f0sEAE&uach_m=[UACH]&pr=8:62A8D3AAF8B8545E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.52587&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHBa3-iUL985WlV-5LC_CNZWi43mAHIxSmxAv7rAnfC6g0DG_FLhmnayb-gxZuRS4oMXN4yZ3su5O0wtSaN39rVVZVAA3FiCB-XvhgLaOZQDv19lXoAJFR1phyKPgRLEvZZ-V2GfCAniS6XYsiG6zyUZCi2NjcOrmWCG-z1EH73WdiSOE&cry=1&dbm_d=AKAmf-C9uGhxKQHqHv3xc2bP9X9HHYaeYfwwbxNUyi5C1gmwMJcTgLZUxym6QgXBmVAvHfKVzlQP6HENeXv-Drz4WllWQRdNRRa8ooiksfnDMtW8x8dkxK7gEico6m_Pidj5lKM2jM9SsmR82HaDP4JRWE3R3AvaOW46BiHuLPdYhNvyySaqqOuFT0pLtvnheHB8Q9uHtFkUe9bETgA0H3WN-sc1cTyCMCiFKrJO-PGvdvG8EoDMTJAjpQoobMgkw6wQ9-xAkzX6MCBeEn2IYCXVemiYlm-WyeW1apyoP2RPKAZUXDAQyVVTvTw-5gKJ2xHQkGsxmToCqmz6gw5Q-Olfp1WUFmicHZk1cM4pcxMw0gJDQ3Is7PkBSHoOUOK3ivjDZ25_ZKoV4dIYWW9fnKbVOw8K9Zt4GeKGdYRAkKsArPdFpfzh0KCIRFDlHijtcE-KUQLo1EIZ6x_Jqo2mvT8qPlpK-GnT1FACxM9_MMymZp2faq8ilRe_fTfv0uzeJ_3Md0EjMfCVvCfRibrdcrQIzeUnODNA3tAMUqin1zgE-j6sDg9iVmHReibiS4gB1jBMG5NGOfqu2A61sc4ij1dElBvXDRGOslbICQvVevQoukPcTUoMV_SSBNH1RmfVy_v8nGDR0USUTjK9c9dqJEzfso9GSIbajkvYog3_bEUqZwv3bPnrKyq6-yQxX3btLjpxkquNXA0vmAouuRqhNb0Kqsn__rV7Lkgd-IQLBcFen0Z6ChC6HkTReY108LQpWtCyAtMrXzHUb0R5x09VDdniXJ58fYZkt9tVrg_kCd5m6PkLFnnd8etQYSi9FoAFsbFBKKpx0ppWZ9Bq_VZDtvlsStVbcjRtf7t0HPZ92c2dIGmUYGcXdLXPg_fWPd_T-wjohx7gnwl3D0T-78Eza38oc_YoZecbsK9pyxu4iZsQ_tppF7AyspqDlAFVGfPwTQ1PBxbstqCexzEzU57sR0tvDzLE7AKRtBNHNM7muxzO5XU4TLh8YVw70NJWpnpazH5uu1eiNtlH9UBMALVE8RcqGOSSuCX7YPeZHsbfxmaTiXqvqasIeh8YA2jd8_V3EkxLYsXaRVmSw-3sqtKB-QM4D7UC7zDfHPff5tp15MPUT_7xzCNMCciRF85kUpqKzN3mBefdU9uhEKzJEoTRQeDAb7lhEsr0cUGUJB0jxNHVA1xYaOtPHXQf0rLUbqVsOI1Y62wqq7BFI57itCrJeTGwF6GmLPjNkb3h5NIxTHKXHBpdGrB837w8CFeXPLwpcciGslqM_8RnIzmH_i-EA56IhcMYiVg7yia_S_ol0folhwQuDsH5MPN8iJGv-Xek1_9AgoutAkuv5Io6ZI0Y2VP0Ujc8ecq-RjuYZLCWi-3DPS226qINxRG5ZMs3aoyt31_bTlSA-DeelcFRyqJy3Ih6QlqW8OqldjRpZlrSiKqn-Q7ROiyu2ZlanHxe32DC_Qxur97EwS6PmQRXVjucu8FfzYZFnocQc46koaYb_8FWfOv5722Vsi33xKdHAlVdJZju_MW0Ph0ongBsJIfi2333kEcyNOOPFPncaTsUvUIdrmJERm-BVyFzKY8Kr4v9r4IJ0okyOiPKRTj6BqJyls21W1u3wWw0ZhkPIwmv9AtXUQf0-VV5ZecsljhiaD1L1BMCyMEVOokjYwgP5AQLgWBjN0ETkKG24pxycelBaeyZ1SXFllhWAI4V6yBnxLMHB__uQKnnMMlqliVksQcE8qz04rb1gfVRXMv7vhZrvmrXbIPLvmEhr1Y27ETjL0NXZNximWeerakaNcUlGTsXia8vSCOZhZSEGn0aC0WzOp_iMpgbUSVR5QEcrIx2Qa_8SwT_BPshyMqFgVCs78eyZinjpolhn_L3cwf4IwyWUO0OixmYvoeb4GQYPn9SUL0vefK6gYX-uKYxzpcgyC5qUEKVGg_0WJegopC3RXdyqY-O2OkjqU-ywBoRxzlB6bo8YPxOstXcUJVDYyj4m38hCO5FEF_wvk7fJnzb0hm5wII4mtmqcLzjmw5504macfyB01vqe14E9I0RpZEiAyUZb-mSEI5696ipqZ-93ETqWwTwRyGhFnQB_lAsgjAGzNnNzbjWP_m4lM06uhdyqCN7UmECXZWNG_OsKcwJHlipy3aAPBq2R8qpWFvsRARGHQwCkpPWiQvnpvaM1GCPAu5AO0_BaxzpoGWLk2sSSDsq5cDFLOLtyAiCN4Fc7enqU4dOgl87rYd6Fb6Xb2AmN2GLXMVT4n8S1MaHiLkOARKZNK721_rLokwb9YPmGwH1qYOFbkAngsBv8mpD81HyhYOp-QYVFKqrxrY-Yfu9T8xxFpPf15TohcPnbCqyQqWr7NRwWlsbEq8cTvrqyOwKbN3swM96gJdFv7juu5vjp2mMdNhAbnYNHQ9JKU8ogM6XQpKvGCDVmtnkRvRDnQrAgFzet7PRzBnR_yrjDSQhslpiA3lWGCFsk6KUs2zL1sqiCBJiCi5aEiXpyVOwKJm792d32Yph-iWOZkAaPJFn2dtdmW9Km-x0jzMMTM0Mi3IMAm7DgFkNIk8FI1tmsv1NxszFLALEWtP3jhya2ImS-3teJ-lLk_011BbAqw-d0L34FCPQMx6VZvuhlgdtRNZ70DlkqGhXUVX5Oc2Kz7yC34Qbw3hGtgrLkq0KsxNQp7IRoTJz-6Ur04-ewhxUoxwu6NrWsPpUldyKII1kKgn9I_ZwXl22KLBwV70O8ClMpazWLlTndpqxMglaxXA1FAvS2OuOgoEbBB7D3lXkh5Nm4b6nB9OU7Dboe-X49hONC1OBkHXsIR07UB0rWzqTfCCV6_NvrLa5ZpEf6fREuMn9p3M2fWiyYGxb_a8hn2crEPJE-BnpB4IdlX1zq1gTn1pOneXo0HNw4ZtOv1EySgNh1afjoO8Un__J_i9-1b_Bib-fO4tLTxALCBa2O1KE4Dk-tTXP3c0eSzgU47yUiCC0xT84BX4Ru5dRyKVnOEoiO1z8bbajEDfT-sjDNL-BWKsGAtqVTTe7ihCmVZmzv-GWoFOJQy02JNHICt5PIXph4H_nZjftaANlasvG0D_jef0gQephBWXikbKbHtn1r_ZlnO3Z6DD5MYJMlMcm9Aqx1UM50ltMlkZnxxjDjJFNoK4DnUfrVN3igVGRlGgGosZkdCfLCYGBtjduKv-YEdU79YXDqHKK1HWYSRnaYo9zjv2ipPKMlXkqr_AmWyr31eRe0GDW1MsmglzWYkOATMOe77L3AxyzwFNE3aUVqI-nagrYH7t8G-Gni8lABIaNp53UXGRZVnoquh7MuC7PQRCjRNXaderbPDjdIQAOtYQIpQR_jy0CjwJQbuDItjXhys4DEMh-xSGFpvQwK09CjF-lJ__tPuO7mJoaE8Nr089s&pr=8:62A8D3AAF8B8545E&cid=CAQSGwDq26N9YxPK2NBEq0QaLh2xBQmZxnjZ-4dNrhgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252Fa%252Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Dec 2022 07:05:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 07:05:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 02F3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHBa3-iUL985WlV-5LC_CNZWi43mAHIxSmxAv7rAnfC6g0DG_FLhmnayb-gxZuRS4oMXN4yZ3su5O0wtSaN39rVVZVAA3FiCB-XvhgLaOZQDv19lXoAJFR1phyKPgRLEvZZ-V2GfCAniS6XYsiG6zyUZCi2NjcOrmWCG-z1EH73WdiSOE&cry=1&dbm_d=AKAmf-C9uGhxKQHqHv3xc2bP9X9HHYaeYfwwbxNUyi5C1gmwMJcTgLZUxym6QgXBmVAvHfKVzlQP6HENeXv-Drz4WllWQRdNRRa8ooiksfnDMtW8x8dkxK7gEico6m_Pidj5lKM2jM9SsmR82HaDP4JRWE3R3AvaOW46BiHuLPdYhNvyySaqqOuFT0pLtvnheHB8Q9uHtFkUe9bETgA0H3WN-sc1cTyCMCiFKrJO-PGvdvG8EoDMTJAjpQoobMgkw6wQ9-xAkzX6MCBeEn2IYCXVemiYlm-WyeW1apyoP2RPKAZUXDAQyVVTvTw-5gKJ2xHQkGsxmToCqmz6gw5Q-Olfp1WUFmicHZk1cM4pcxMw0gJDQ3Is7PkBSHoOUOK3ivjDZ25_ZKoV4dIYWW9fnKbVOw8K9Zt4GeKGdYRAkKsArPdFpfzh0KCIRFDlHijtcE-KUQLo1EIZ6x_Jqo2mvT8qPlpK-GnT1FACxM9_MMymZp2faq8ilRe_fTfv0uzeJ_3Md0EjMfCVvCfRibrdcrQIzeUnODNA3tAMUqin1zgE-j6sDg9iVmHReibiS4gB1jBMG5NGOfqu2A61sc4ij1dElBvXDRGOslbICQvVevQoukPcTUoMV_SSBNH1RmfVy_v8nGDR0USUTjK9c9dqJEzfso9GSIbajkvYog3_bEUqZwv3bPnrKyq6-yQxX3btLjpxkquNXA0vmAouuRqhNb0Kqsn__rV7Lkgd-IQLBcFen0Z6ChC6HkTReY108LQpWtCyAtMrXzHUb0R5x09VDdniXJ58fYZkt9tVrg_kCd5m6PkLFnnd8etQYSi9FoAFsbFBKKpx0ppWZ9Bq_VZDtvlsStVbcjRtf7t0HPZ92c2dIGmUYGcXdLXPg_fWPd_T-wjohx7gnwl3D0T-78Eza38oc_YoZecbsK9pyxu4iZsQ_tppF7AyspqDlAFVGfPwTQ1PBxbstqCexzEzU57sR0tvDzLE7AKRtBNHNM7muxzO5XU4TLh8YVw70NJWpnpazH5uu1eiNtlH9UBMALVE8RcqGOSSuCX7YPeZHsbfxmaTiXqvqasIeh8YA2jd8_V3EkxLYsXaRVmSw-3sqtKB-QM4D7UC7zDfHPff5tp15MPUT_7xzCNMCciRF85kUpqKzN3mBefdU9uhEKzJEoTRQeDAb7lhEsr0cUGUJB0jxNHVA1xYaOtPHXQf0rLUbqVsOI1Y62wqq7BFI57itCrJeTGwF6GmLPjNkb3h5NIxTHKXHBpdGrB837w8CFeXPLwpcciGslqM_8RnIzmH_i-EA56IhcMYiVg7yia_S_ol0folhwQuDsH5MPN8iJGv-Xek1_9AgoutAkuv5Io6ZI0Y2VP0Ujc8ecq-RjuYZLCWi-3DPS226qINxRG5ZMs3aoyt31_bTlSA-DeelcFRyqJy3Ih6QlqW8OqldjRpZlrSiKqn-Q7ROiyu2ZlanHxe32DC_Qxur97EwS6PmQRXVjucu8FfzYZFnocQc46koaYb_8FWfOv5722Vsi33xKdHAlVdJZju_MW0Ph0ongBsJIfi2333kEcyNOOPFPncaTsUvUIdrmJERm-BVyFzKY8Kr4v9r4IJ0okyOiPKRTj6BqJyls21W1u3wWw0ZhkPIwmv9AtXUQf0-VV5ZecsljhiaD1L1BMCyMEVOokjYwgP5AQLgWBjN0ETkKG24pxycelBaeyZ1SXFllhWAI4V6yBnxLMHB__uQKnnMMlqliVksQcE8qz04rb1gfVRXMv7vhZrvmrXbIPLvmEhr1Y27ETjL0NXZNximWeerakaNcUlGTsXia8vSCOZhZSEGn0aC0WzOp_iMpgbUSVR5QEcrIx2Qa_8SwT_BPshyMqFgVCs78eyZinjpolhn_L3cwf4IwyWUO0OixmYvoeb4GQYPn9SUL0vefK6gYX-uKYxzpcgyC5qUEKVGg_0WJegopC3RXdyqY-O2OkjqU-ywBoRxzlB6bo8YPxOstXcUJVDYyj4m38hCO5FEF_wvk7fJnzb0hm5wII4mtmqcLzjmw5504macfyB01vqe14E9I0RpZEiAyUZb-mSEI5696ipqZ-93ETqWwTwRyGhFnQB_lAsgjAGzNnNzbjWP_m4lM06uhdyqCN7UmECXZWNG_OsKcwJHlipy3aAPBq2R8qpWFvsRARGHQwCkpPWiQvnpvaM1GCPAu5AO0_BaxzpoGWLk2sSSDsq5cDFLOLtyAiCN4Fc7enqU4dOgl87rYd6Fb6Xb2AmN2GLXMVT4n8S1MaHiLkOARKZNK721_rLokwb9YPmGwH1qYOFbkAngsBv8mpD81HyhYOp-QYVFKqrxrY-Yfu9T8xxFpPf15TohcPnbCqyQqWr7NRwWlsbEq8cTvrqyOwKbN3swM96gJdFv7juu5vjp2mMdNhAbnYNHQ9JKU8ogM6XQpKvGCDVmtnkRvRDnQrAgFzet7PRzBnR_yrjDSQhslpiA3lWGCFsk6KUs2zL1sqiCBJiCi5aEiXpyVOwKJm792d32Yph-iWOZkAaPJFn2dtdmW9Km-x0jzMMTM0Mi3IMAm7DgFkNIk8FI1tmsv1NxszFLALEWtP3jhya2ImS-3teJ-lLk_011BbAqw-d0L34FCPQMx6VZvuhlgdtRNZ70DlkqGhXUVX5Oc2Kz7yC34Qbw3hGtgrLkq0KsxNQp7IRoTJz-6Ur04-ewhxUoxwu6NrWsPpUldyKII1kKgn9I_ZwXl22KLBwV70O8ClMpazWLlTndpqxMglaxXA1FAvS2OuOgoEbBB7D3lXkh5Nm4b6nB9OU7Dboe-X49hONC1OBkHXsIR07UB0rWzqTfCCV6_NvrLa5ZpEf6fREuMn9p3M2fWiyYGxb_a8hn2crEPJE-BnpB4IdlX1zq1gTn1pOneXo0HNw4ZtOv1EySgNh1afjoO8Un__J_i9-1b_Bib-fO4tLTxALCBa2O1KE4Dk-tTXP3c0eSzgU47yUiCC0xT84BX4Ru5dRyKVnOEoiO1z8bbajEDfT-sjDNL-BWKsGAtqVTTe7ihCmVZmzv-GWoFOJQy02JNHICt5PIXph4H_nZjftaANlasvG0D_jef0gQephBWXikbKbHtn1r_ZlnO3Z6DD5MYJMlMcm9Aqx1UM50ltMlkZnxxjDjJFNoK4DnUfrVN3igVGRlGgGosZkdCfLCYGBtjduKv-YEdU79YXDqHKK1HWYSRnaYo9zjv2ipPKMlXkqr_AmWyr31eRe0GDW1MsmglzWYkOATMOe77L3AxyzwFNE3aUVqI-nagrYH7t8G-Gni8lABIaNp53UXGRZVnoquh7MuC7PQRCjRNXaderbPDjdIQAOtYQIpQR_jy0CjwJQbuDItjXhys4DEMh-xSGFpvQwK09CjF-lJ__tPuO7mJoaE8Nr089s&pr=8:62A8D3AAF8B8545E&cid=CAQSGwDq26N9YxPK2NBEq0QaLh2xBQmZxnjZ-4dNrhgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252Fa%252Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 14:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 14:19:16 GMT
17501654430585739521
s0.2mdn.net/simgad/ Frame 02F3 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17501654430585739521
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
6733b1441eb85963cd51a9e4103926439a608097504a3689abea559aa2c2dd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 05:25:08 GMT
x-content-type-options
nosniff
age
6037
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18956
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 01:32:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 05:25:08 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 63CA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 20:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 20:48:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4AB8 		611 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARiGtdLZATAB&v=APEucNXuVHJDOxOWnoLGoOoBOD7se-B4a622mJLZIzYPZDwG36BHJQDoqs4R7PUnvdjrJw0i90Z4zOFTu_COpSFyLxzT__yvkA
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 3B0C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
31410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 22:22:15 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 3B0C 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:22:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
31409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 22:22:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3B0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZeM-wyf1u8bqpszhV5IwP7cvNaQmArFENJrzym4ZGTJ6GCD9-WBVBaYmr3ibtt1UIQrcqdTlwBhA3G52xz5N0KpfGVQV3d_X6Fuo3134L2_SnrfEUilj6tUXTrLJgsgtHoJH9jminE5BGfCAfmBrOw10CDYETbOuzT0U7vYVHWaSUjqXe76oqwxWO9lSdnPLtrwkcbWog6FfM214z2MH_wLdvA7YfXZvaXmmjX4UV3DS8ya1OqueSdFwEt5513YGHox3hDzsduJcv-qV7v3_7mrylgYEVsHqIDAwTgQyn9RdCVmKNECq6IiVxXWJvBQM3cEOOfVMvejduMtKVIMdbTXw55XP5dP8EbLHAn2xot0Js0_tEd55ooFfYK5I7mYksLQFTP0oR_JGEMsphRFFESmZvo2Nh0DLSHJJpEGxanj330xNyaIz8-hN7Jt__UdpZJe_pVqPQtxRxLqP_hPI-DrnBydwls-Je7Tvi2D0Rts_m-UuDOTqUF1odCBUDvXqKCOQa2K1VPdKCzMuuKwOdatpsMjwArs5b1LWvBB7QnE5y7p5n1ZoBpT9B0XPOQH9Bh_DIDK-9PgdddFQolqTvnGkcoWNm6OoEyjjXcCTUxYJiXF2GXMMBr1L3MpB0hEwB2GXgAdmDLrf93M13kz88pHOvTC7TpifGKNYQJLCMR7p3cAKg1aTRr4lVXbY9uoL6inXMAYe5ZxcPjuI2kTruYZtzG5Pg-abMoG2XZfD0sgUN7WQ2jt3W68m0QOFuzbEiRRhTUc0Gc8hGqqP5piSwF_WD0heDY6h6mV9ggHm6QhMpkYozw5L8zyxw_MqzO-Ev25T4Y4YYVBsGrumDmX4LOWVNqPL5Y-sKIqqVggeDYr7kDMC6VMfZC5D68gSJ9iODEZBoKwe1PWfK12UHpm-cMGlaN2WiRz9D-TxkjrrWEQJRhZJ1gQciLoYcoc_upVsX3zM1bg9ofD92fkAj2P97P_koDGfXXzZy76xw-61spLdMeHrphJ7MNdfOxk9PJBtXqT5C2s0hA9hH0aPLKmZKFISP-NQBeNOp-db5qE6JUO591YR38eD36liOKazMtmNC_pYMlyDvhuF4bPCwv7dyL68jXgNbvWS1jSftvagJTJEaZD-hqbPesTRrXcI1VIt8oOsAWLZYVHAILo1vrKQt-EXDU7MyzgSP0jjaSLPT5m7JkK1R4kH_Vw&sai=AMfl-YT7dL1O-wySm0Vjd594QPery7ap8CFIrxqltZdr72tJQ_LugOngl5vue_7daokddRGDUEBPYpWlgsDNhkAQ63PnofS4_7Xwwu7IDCMyyK_vzvPjq5vB50NwRGrYEVMlRgyrWp4phqG49w_K62TeYPbyQ1gIMTaM6AHW3a85BbVCGayeV_hW6hVYvwojh8v5WDoeizZcSPmpo8z4Z1GIEObQri33B5dXGweN5u9ZqOg0uoAVkeB8o378z6G_i3nkAcGOcBsZPtD_7O1iWqCp72M1MoxgaGJLAQGqQUOn4Jc005Lio3-OwVtv4czVzO4mReh02D9R4aKk35Zng0CKuVYF-7JLK0HzpLHNxHi78zK1jxOY7BgU-Jj-Kngym2tXMHEcSMZbzMY3arKXH66M2atiOw&sig=Cg0ArKJSzD67wk1DHH5IEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.78332&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Dec 2022 07:05:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 07:05:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3B0C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 14:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 14:19:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B0C 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Do9kGLPV7U2QvEM1xcz8mI91nUF40NKLnvGl9DN7rFifq_wY9biSw1c6Z37nxG7OSHLbIrWXEMVtpO13IHChEUitA95Zm4_TQQeNG5r9XQ1oKwVvk
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3B0C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:35:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3B0C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:35:41 GMT
l
www.google.com/ads/measurement/ Frame 3B0C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZjSKLuK-r6TVi6rPF6hc7K3US2nIygDU58OOPNo5QEiGgfJBTjfQ3Gwtrp_CyGOMFjcse9W-lm_e4Dy_-FJ4oNqjzMw
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B0C 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:45 GMT
2930775793002074797
s0.2mdn.net/simgad/ Frame 3B0C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2930775793002074797
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
5cd37127a04ecd97976c529a8cabada2f31cabffd6f50099bffafaac4bbb658c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:29:59 GMT
x-content-type-options
nosniff
age
41746
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19570
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 01:32:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Dec 2023 19:29:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5A2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-WhKR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTIAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4_lRlXlyT1UzPvsxr6PU-WqeOkGUuy5bkHVEBtPuD7vYWaX2ks_LgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=6DtvNJCN4CM&uach_m=[UACH]&cid=CAQSPADq26N9mP2IMUapcyROEXxf3luQl5zlIeJrWb6jVytNluRWyMWs3tHPbJjdxHmI2ms99NrxYoYHQHjd6RgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 5A2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kOvgFPn1BnjYBGL4LRICAAAA-ONZtFtuTcMQR8eaY68Kyf-ceqbbthCtABIAAA&wp=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
240572
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame A04D 		124 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
153e9adeec20ccee087424c17425569b7083641550e17852973c897482f3d0df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:44 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=BiDyXUOfcFnNxl9yPeT6AHb1JPmUm0tkF9U4ggbd6BxoSaOQcnoskZSKfh894kvFOAwJXTWxa4rkuVGl-2PcP3PD7Odhck_F__Vzh5a7qY81LF3kOItA3z-nTPTR-CZ-xGon6GrtGw9NTD1ygR1IQE4QVIUWY8Hb3es86zY091ibTfgUJ9HBZZaaPWjOh9YeX15-5KC_3wpyg0PYXUdXEDeghggFWoIIbVP20gA3Zd1nGp8vno9GzCjNCmOR89d7hLuCNQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
45609042
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5A2F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:35:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 669A 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 06:38:10 GMT
etag
48472445140208031
expires
Fri, 16 Dec 2022 06:38:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5A2F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
34204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:35:41 GMT
l
www.google.com/ads/measurement/ Frame 5A2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRK5mpm7b1qBsvPvkuo3PsA_R0d-wKTEMABnXbhCpGOyvtDLNzf2HpEzk4c0h93jemKp7yHSkNq05BKfoYKwepHRzDh-g
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5A2F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 11:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
155811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 11:48:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A2F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BFE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2842437599832549&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame 493B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=as&co=nz
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 07:05:45 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02F3 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 07:05:45 GMT
generate_204
tpc.googlesyndication.com/ Frame 69FE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Hwln_w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4872 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3629488238436790&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/ Frame 4AB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED3aH8HTV1Z31cfrRQS61_M&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESED3aH8HTV1Z31cfrRQS61_M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARiGtdLZATAB&v=APEucNXuVHJDOxOWnoLGoOoBOD7se-B4a622mJLZIzYPZDwG36BHJQDoqs4R7PUnvdjrJw0i90Z4zOFTu_COpSFyLxzT__yvkA
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:45 GMT
AN-X-Request-Uuid
cc2539db-5ddf-47cd-ba60-8d3692551d5b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESED3aH8HTV1Z31cfrRQS61_M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4AB8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MDg5Mjc2Njg5ODU0MTIyNQ%3D%3D
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MDg5Mjc2Njg5ODU0MTIyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARiGtdLZATAB&v=APEucNXuVHJDOxOWnoLGoOoBOD7se-B4a622mJLZIzYPZDwG36BHJQDoqs4R7PUnvdjrJw0i90Z4zOFTu_COpSFyLxzT__yvkA
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:45 GMT
AN-X-Request-Uuid
12efa8ad-8c7a-41d4-952a-b308a078f13e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MDg5Mjc2Njg5ODU0MTIyNQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4AB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArkDgknB1A80rIJesx_3_8&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArkDgknB1A80rIJesx_3_8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARiGtdLZATAB&v=APEucNXuVHJDOxOWnoLGoOoBOD7se-B4a622mJLZIzYPZDwG36BHJQDoqs4R7PUnvdjrJw0i90Z4zOFTu_COpSFyLxzT__yvkA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArkDgknB1A80rIJesx_3_8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4AB8
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2I1ZGUyNTMtNWJlZi0yZDM4LWY4NzYtM2U1NzVlYTVmNzQ2
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2I1ZGUyNTMtNWJlZi0yZDM4LWY4NzYtM2U1NzVlYTVmNzQ2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhD-3vfzARiGtdLZATAB&v=APEucNXuVHJDOxOWnoLGoOoBOD7se-B4a622mJLZIzYPZDwG36BHJQDoqs4R7PUnvdjrJw0i90Z4zOFTu_COpSFyLxzT__yvkA
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2I1ZGUyNTMtNWJlZi0yZDM4LWY4NzYtM2U1NzVlYTVmNzQ2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame A04D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:45 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A04D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:45 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A04D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 10 Dec 2023 07:05:45 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A04D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 10 Dec 2023 07:05:45 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame A04D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=5D_91YZCUyBvh5v7I2bIg29BdjoUOEJD2KQbsY4AbHnN5mIthvqZf226rdEusAZLNITiXQyf7SZ5poRH1H_BgTJdg-NNPB9bi0jOoHYpiFF6IKFSo6ckkis37prg1xZ5LTdGKvCNuPy4wMewXbF43__uQXXb1B9bb_Rv1O6eQodP9bLIIRXsHA0vB0DtxutANiwwv3HUw9E_YQXK9ZCi8vs9nDW8cR43Rx9dV8K7N2khUSd65cYSlCn2-GoaowbsG8UaF3EOiRa6sFOkbfSCW0s_HrSVmBzZ36Sdd2rz0bXlwV2Od3MWS-Bss9VI85VTRV1QVCh0MLEMeZilnS_UWvIMkl1Q7qUhvNuIph--QBGS-LGJp1NRWaqpiylXlhok05zp1pV9VFoKn1UBHIEMNuE58AB1EuP5H2RrQRgyjRSwTw9I
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3070562
expires
Mon, 26 Jul 1997 05:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4FA0 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 06:38:10 GMT
etag
48472445140208031
expires
Fri, 16 Dec 2022 06:38:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 669A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJOJqIst_2R5vp6E4mr1rYw&google_cver=1&google_push=AavPq0NRZQ2dy9KyGLqfp-EfS3NQM6HYDr_4v_WYit174CkCY5MTSle22z5FRw6FvdQZtwTmx9Psy-7HaChIIUHA8jLuqxC73m129W...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E69FE32F54C340C29BA2766198371403&google_push=AavPq0NRZQ2dy9KyGLqfp-EfS3NQM6HYDr_4v_WYit174CkCY5MTSle22z5FRw6FvdQZtwTmx9Psy-7HaChIIUH...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E69FE32F54C340C29BA2766198371403&google_push=AavPq0NRZQ2dy9KyGLqfp-EfS3NQM6HYDr_4v_WYit174CkCY5MTSle22z5FRw6FvdQZtwTmx9Psy-7HaChIIUHA8jLuqxC73m129WHeKy1KennAh0cCTfa4GYvV-Ltr5f4nA1X74mo_xNSE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 07:05:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E69FE32F54C340C29BA2766198371403&google_push=AavPq0NRZQ2dy9KyGLqfp-EfS3NQM6HYDr_4v_WYit174CkCY5MTSle22z5FRw6FvdQZtwTmx9Psy-7HaChIIUHA8jLuqxC73m129WHeKy1KennAh0cCTfa4GYvV-Ltr5f4nA1X74mo_xNSE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 07:05:46 GMT
pixel
cm.g.doubleclick.net/ Frame 669A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIcuUmM5SkBDW53C9z38MH0&google_cver=1&google_push=AavPq0PZD7o62RQyoj3xLEqRriKoiMDpLONPkME3JwdAdZ_VefemN1qV7jyng_sHQh1oLFHSAlHEVk2N6pzotIYSoc...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEIcuUmM5SkBDW53C9z38MH0&google_cver=1&google_push=AavPq0PZD7o62RQyoj3xLEqRriKoiMDpLONPkME3JwdAdZ_VefemN1qV7jyng_sHQh1oLFHSAlHEVk2N6pzotIYSoc...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDlmM2NhMDUtMzdhYy00YzExLTlkMDgtYWYyMGRiZDEzMzg5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09f3ca05-37ac-4c11-9d08-af20dbd13389
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDlmM2NhMDUtMzdhYy00YzExLTlkMDgtYWYyMGRiZDEzMzg5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09f3ca05-37ac-4c11-9d08-af20dbd13389
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDlmM2NhMDUtMzdhYy00YzExLTlkMDgtYWYyMGRiZDEzMzg5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09f3ca05-37ac-4c11-9d08-af20dbd13389
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 669A 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJbHHV6AcKYVeML4Hhl_xgY&google_cver=1&google_push=AavPq0MdRRRiRSovb19fSEqQGhIpcSVPxYZCwbkHewEBdT5rktoNcE-MGK-Td5dg0H3A1RywYnL6PQ8R1SGTiOnNhKe1V8Fy3SRhJIh8UthlLz4RcI65oWA6I5PlUWs6PcepemNxzTOMbOuK
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 669A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHugNna7D31ZpkEhIJTEBy0&google_cver=1&google_push=AavPq0NYHb3iRlYUr0qmpeMxqj4-eTIMcM7XlqPTLhIKZNkFT3SIrzbH9uzEdfiOv0C2jPSzShSFzdfhBK4qDt3...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2SzDvRpMTb9ovhwMokSr9XRaStc&google_push=AavPq0NYHb3iRlYUr0qmpeMxqj4-eTIMcM7XlqPTLhIKZNkFT3SIrzbH9uzEdfiOv0C2jPSzShSFzdfhBK4qDt...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2SzDvRpMTb9ovhwMokSr9XRaStc&google_push=AavPq0NYHb3iRlYUr0qmpeMxqj4-eTIMcM7XlqPTLhIKZNkFT3SIrzbH9uzEdfiOv0C2jPSzShSFzdfhBK4qDt3y2Qeoe_wGTDtuyYwOP4M36qSkMhsgX-KzoGgcdEzx38i9_8R2tR8_6xNI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=2SzDvRpMTb9ovhwMokSr9XRaStc&google_push=AavPq0NYHb3iRlYUr0qmpeMxqj4-eTIMcM7XlqPTLhIKZNkFT3SIrzbH9uzEdfiOv0C2jPSzShSFzdfhBK4qDt3y2Qeoe_wGTDtuyYwOP4M36qSkMhsgX-KzoGgcdEzx38i9_8R2tR8_6xNI
Date
Thu, 15 Dec 2022 07:05:46 GMT
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
spacer.gif
an.yandex.ru/resource/ Frame 669A
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEK-gO-Ia90TYAoqPa482Hcw?ext-param=AavPq0MiXT4x6uDIKLdqhBaVxf98LqlqJ292ht8Jv14IVfV9yFta_bcV0nJvH33A9hH3s48Ekl_VY87M5FvByKn2EdroHcM0akZ8_PVdy1_LV2CPyPXrjJdupj9l...
  • https://an.yandex.ru/mapuid/google/CAESEK-gO-Ia90TYAoqPa482Hcw?redir-setuniq=1&ext-param=AavPq0MiXT4x6uDIKLdqhBaVxf98LqlqJ292ht8Jv14IVfV9yFta_bcV0nJvH33A9hH3s48Ekl_VY87M5FvByKn2EdroHcM0akZ8_PVdy1_L...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEK-gO-Ia90TYAoqPa482Hcw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 07:05:47 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 669A 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDN2IE3efq4MYdjnjK4_kj3KJLbL0XI5FP0EWXXIVyNbwPrpgUWfRdOcdr
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 3B0C 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c071e67496668ddb65b463678c6055212671e15f7d2599b54e64dfe3cd094e7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 63CA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1UQMIQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
animejs.js
static.criteo.net/animejs/ Frame A04D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:45 GMT
img
pix.as.criteo.net/img/ Frame A04D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=99914&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F99914%2F221018%2F6ce37c12b49c4d5ba723ff6b2bda79f9_output-onlinepngtools_%289%29.png&v=3&w=236&s=3ha3RCqdhySPBCE_0chXeOWY
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c3d5433298df9a32c8a53ddba38c14ad17bfbfa86f28d4619fe8f092bf4f62d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28767003
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5124
expires
Mon, 13 Nov 2023 05:55:48 GMT
img
pix.as.criteo.net/img/ Frame A04D 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FScarlettTop_Rosette_9.jpg%3Fv%3D1665620758&v=3&w=400&s=qY9pL_BTxzDF_RLExI3IksEk&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3b6a01781b0cdb0f91d44ee98ce8042a006c72ddf6d60b303523e42120f38d63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29532959
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13614
expires
Wed, 22 Nov 2023 02:41:45 GMT
img
pix.as.criteo.net/img/ Frame A04D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FJamieKay_AprilCollection_BibFront_SapphireFloral.png%3Fv%3D1659211424&v=3&w=400&s=8w-6Ofu7vA1c4YTzOjlf4Cql&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0decbe3c52c59f8377f5600fe3046fd57124bd45c214bde7568bb420cdc63d64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29281206
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26418
expires
Sun, 19 Nov 2023 04:45:51 GMT
img
pix.as.criteo.net/img/ Frame A04D 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FJamieKay_LilouCollection_JesseCardigan_HeronMarle.jpg%3Fv%3D1666835982&v=3&w=400&s=pF9E_De8oxdL2nTV5cR4xFK6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ff9144c3da5d52934c82d7a49997bf685724e98998365d1487de537d0291847b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28014892
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9384
expires
Sat, 04 Nov 2023 13:00:38 GMT
all
csm.as.criteo.net/ Frame A04D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=BiDyXUOfcFnNxl9yPeT6AHb1JPmUm0tkF9U4ggbd6BxoSaOQcnoskZSKfh894kvFOAwJXTWxa4rkuVGl-2PcP3PD7Odhck_F__Vzh5a7qY81LF3kOItA3z-nTPTR-CZ-xGon6GrtGw9NTD1ygR1IQE4QVIUWY8Hb3es86zY091ibTfgUJ9HBZZaaPWjOh9YeX15-5KC_3wpyg0PYXUdXEDeghggFWoIIbVP20gA3Zd1nGp8vno9GzCjNCmOR89d7hLuCNQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 07:05:45 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A04D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:45 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A04D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Dec 2023 07:05:45 GMT
truncated
/ Frame 5A2F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34522c07f6e4a7d1bb4bc8a794eda9bd9721835d0774d8d6b4e4de6accfac35d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6120 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
583096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Dec 2022 13:07:29 GMT
expires
Fri, 08 Dec 2023 13:07:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4FA0
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJOJqIst_2R5vp6E4mr1rYw&google_cver=1&google_push=AavPq0OzB0Rd9RKAKrCAa0N22R9ukivko_Cir_Lihm0GfZLolZYiVrLlvUG0KrqMSdGmjyNBpL2ZftrBJoD6D3RLx_y7_pInYYFtoU...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F74250931EFC458AA55A17FEA1FC362E&google_push=AavPq0OzB0Rd9RKAKrCAa0N22R9ukivko_Cir_Lihm0GfZLolZYiVrLlvUG0KrqMSdGmjyNBpL2ZftrBJoD6D3R...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F74250931EFC458AA55A17FEA1FC362E&google_push=AavPq0OzB0Rd9RKAKrCAa0N22R9ukivko_Cir_Lihm0GfZLolZYiVrLlvUG0KrqMSdGmjyNBpL2ZftrBJoD6D3RLx_y7_pInYYFtoUg0gFaDO7Kfuu03TMtkAQvQAA5cISHH-VZc298zL2E
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 07:05:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F74250931EFC458AA55A17FEA1FC362E&google_push=AavPq0OzB0Rd9RKAKrCAa0N22R9ukivko_Cir_Lihm0GfZLolZYiVrLlvUG0KrqMSdGmjyNBpL2ZftrBJoD6D3RLx_y7_pInYYFtoUg0gFaDO7Kfuu03TMtkAQvQAA5cISHH-VZc298zL2E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 07:05:46 GMT
pixel
cm.g.doubleclick.net/ Frame 4FA0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIcuUmM5SkBDW53C9z38MH0&google_cver=1&google_push=AavPq0Og02A36VEMGVBtiuc_936Kmm-Qb43SPlotrWlSqxcVTD-7dBcGrgpz2c0MH16NrQvYmJZ1mO35Wgg7z7VzJ2...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEIcuUmM5SkBDW53C9z38MH0&google_cver=1&google_push=AavPq0Og02A36VEMGVBtiuc_936Kmm-Qb43SPlotrWlSqxcVTD-7dBcGrgpz2c0MH16NrQvYmJZ1mO35Wgg7z7VzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDlmM2NhMDUtMzdhYy00YzExLTlkMDgtYWYyMGRiZDEzMzg5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09f3ca05-37ac-4c11-9d08-af20dbd13389
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDlmM2NhMDUtMzdhYy00YzExLTlkMDgtYWYyMGRiZDEzMzg5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09f3ca05-37ac-4c11-9d08-af20dbd13389
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDlmM2NhMDUtMzdhYy00YzExLTlkMDgtYWYyMGRiZDEzMzg5&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09f3ca05-37ac-4c11-9d08-af20dbd13389
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4FA0 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJbHHV6AcKYVeML4Hhl_xgY&google_cver=1&google_push=AavPq0Onwk54DON0Q9wLq6oQNvYgy0ZVbXCjywjYfwgsTyfVpYcgcRKLjp0p1K1Q9U9WGriHRZV2AejwmO49CJs0SPnNjgRFT2VfLLNy6BhRa1cGTrpHds2fNc_Znr-k5A6NepPZWpCS0uY
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 4FA0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHugNna7D31ZpkEhIJTEBy0&google_cver=1&google_push=AavPq0MuqB_59-xvkP53hnuED0DsKKIhcNLdMHnnqwWvuuokDFtvEl30NXHay8ZsPaPey3ip2IkZn7Sv0JHDIug...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=KULr3jX7RwlUz9RcTJ0oU3RaStc&google_push=AavPq0MuqB_59-xvkP53hnuED0DsKKIhcNLdMHnnqwWvuuokDFtvEl30NXHay8ZsPaPey3ip2IkZn7Sv0JHDIu...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=KULr3jX7RwlUz9RcTJ0oU3RaStc&google_push=AavPq0MuqB_59-xvkP53hnuED0DsKKIhcNLdMHnnqwWvuuokDFtvEl30NXHay8ZsPaPey3ip2IkZn7Sv0JHDIugPBTXR0zB5a59NkHjEvELGtTh68NU7_akGpaoO9MdkcM94smoL2DKbHQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=KULr3jX7RwlUz9RcTJ0oU3RaStc&google_push=AavPq0MuqB_59-xvkP53hnuED0DsKKIhcNLdMHnnqwWvuuokDFtvEl30NXHay8ZsPaPey3ip2IkZn7Sv0JHDIugPBTXR0zB5a59NkHjEvELGtTh68NU7_akGpaoO9MdkcM94smoL2DKbHQ
Date
Thu, 15 Dec 2022 07:05:46 GMT
Connection
keep-alive
Content-Length
284
Content-Type
text/html; charset=utf-8
spacer.gif
an.yandex.ru/resource/ Frame 4FA0
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEK-gO-Ia90TYAoqPa482Hcw?ext-param=AavPq0MM5bSbl38H7WjBZTe0b3qvJJq_BvEYZ8EXX23MUu8DVFmTo4zfEDydMCT8RpSwOotLdGSlt-5d9nK6llWp_9_qAgZVmWzwo1E_h1sJUc1FIZoRZnfNfoKm...
  • https://an.yandex.ru/mapuid/google/CAESEK-gO-Ia90TYAoqPa482Hcw?redir-setuniq=1&ext-param=AavPq0MM5bSbl38H7WjBZTe0b3qvJJq_BvEYZ8EXX23MUu8DVFmTo4zfEDydMCT8RpSwOotLdGSlt-5d9nK6llWp_9_qAgZVmWzwo1E_h1sJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEK-gO-Ia90TYAoqPa482Hcw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 07:05:47 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4FA0 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JF8R8yLs4FhB6iXo5aFhFSaYnjfNel-uVS1hgdZECE32CVDB5HGl75MmLF
Requested by
Host: 7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
URL: https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 02F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXXKv8iajhsusQKR2lHo7LhWA5bRVhI01LxvX1qTD-DmW60q7wDF6hG4NL7dIGcrcZL4PEp0ChcWbxoBy5i6sQ84XzzdOrRLBd4AgWGmLEgTMlayPxhJLKDrRK6npG4_QXDrA44kf2AWKlytwL_ge1ZjuwZJKWM5czcwiKX0Xbiqo59NBxnohHuwn_bqUnw4dY3bgfVFMcVTmh7IbN5CuJdIpyFOFA-LbgrTKebMGVmPUPhJajOkWrgoesvrkiv5DAMYwPkAK1_H1ZlLa3803IidiGWgFoXbsuhlvYC2YgUWkJ0otmgF0Ogx4QIeRWySWPiNI4kvb2gDpOnYgHMhDf9CEYDN5sQoBc-yW_uwwRw1z_V0RzmIeZEVN5-hGv8NwPngN42cELUc9CM3W3-x5rJRp2Sj2leZ4otkmJpzGKxPjuAiviyw4QG9tlwkmU_6SwolNi8Rr1-up4r8wZqE5Yrl10XFfHM6d7nbqHB8_kBtEXLM_sLmnMKdnYbUEUB3HEsaj1jwoMaBkbObaQxMvvZxCNQ7jHpizoo9bZLA2Hmc3r79t_m1_2p8gyzPkCYQJmGAdXsqnW_7QDzbQrp6Nk7XyiS_10UudVW8pto9hNmQs4kHXeV-PCebq21vamJu2N53ftor-gq916hYhKrUfmSZcZEm_gCyTM3vL1ITBfjxCMOcHwzsswNfTbigM5tKdbalmUn_gSbEg26uh21kuVThfB-Nf0NeVUqV2kLUWANbtogyKWXjNQCvf97DHQb5GYLywro-r7NiyI_Qf-JyloTP9vXAy1Gsp9_8PKX7ErbsitoopxAEpT9-oxai_s5Q5wLbBoJmdJQd_0GFyJJdhuJ2MdkHAvgwkgYsSP_89C1lVV4h0OyragTJMYoV8FN8oNjbAD6qOsmSLxjLGaTdOxg3DkZVj4pbiOQCNmdjhvf8lA9NN9X7GRdf3-obxO2_Atj-ITft7rBC2DFH27FnoKYuiA7qGY6RQb2zePIVqDq2bZfeiyXFJE_VGf3S8wLhTyHRWDX1BJHlymSneZlo72H9zK62eHlg4fkK8AJcElg9M0ZgHnF2tbIaWZAwyLeCyMaBQQBkBC0sMxXAAFBrpkBshSXYmpAB5nEkIO_d-0imMy478yZS-yk-QOclQ&sai=AMfl-YShPU7HDNf_qQTnkIgHhWhZAKKRT_MlSScci1CZJ2wdI1pbT5OSGRcJc-XtoZwbxGl3MxpTgsD1wHboGyMsbb9XYtn6-v0F2V0nFOUnUsY5nH3rBABvyyk4LT2_7Ew2GxbbhRR1BTwhXT3C_14oy5wsYu3FsGr94a2feZe3qgQg3EWCPBKS66Q6cA&sig=Cg0ArKJSzK_MGFrv_f0sEAE&uach_m=[UACH]&pr=8:62A8D3AAF8B8545E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=926&vt=11&dtpt=925&dett=2&cstd=0&cisv=r20221207.52587&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AHBa3-iUL985WlV-5LC_CNZWi43mAHIxSmxAv7rAnfC6g0DG_FLhmnayb-gxZuRS4oMXN4yZ3su5O0wtSaN39rVVZVAA3FiCB-XvhgLaOZQDv19lXoAJFR1phyKPgRLEvZZ-V2GfCAniS6XYsiG6zyUZCi2NjcOrmWCG-z1EH73WdiSOE&cry=1&dbm_d=AKAmf-C9uGhxKQHqHv3xc2bP9X9HHYaeYfwwbxNUyi5C1gmwMJcTgLZUxym6QgXBmVAvHfKVzlQP6HENeXv-Drz4WllWQRdNRRa8ooiksfnDMtW8x8dkxK7gEico6m_Pidj5lKM2jM9SsmR82HaDP4JRWE3R3AvaOW46BiHuLPdYhNvyySaqqOuFT0pLtvnheHB8Q9uHtFkUe9bETgA0H3WN-sc1cTyCMCiFKrJO-PGvdvG8EoDMTJAjpQoobMgkw6wQ9-xAkzX6MCBeEn2IYCXVemiYlm-WyeW1apyoP2RPKAZUXDAQyVVTvTw-5gKJ2xHQkGsxmToCqmz6gw5Q-Olfp1WUFmicHZk1cM4pcxMw0gJDQ3Is7PkBSHoOUOK3ivjDZ25_ZKoV4dIYWW9fnKbVOw8K9Zt4GeKGdYRAkKsArPdFpfzh0KCIRFDlHijtcE-KUQLo1EIZ6x_Jqo2mvT8qPlpK-GnT1FACxM9_MMymZp2faq8ilRe_fTfv0uzeJ_3Md0EjMfCVvCfRibrdcrQIzeUnODNA3tAMUqin1zgE-j6sDg9iVmHReibiS4gB1jBMG5NGOfqu2A61sc4ij1dElBvXDRGOslbICQvVevQoukPcTUoMV_SSBNH1RmfVy_v8nGDR0USUTjK9c9dqJEzfso9GSIbajkvYog3_bEUqZwv3bPnrKyq6-yQxX3btLjpxkquNXA0vmAouuRqhNb0Kqsn__rV7Lkgd-IQLBcFen0Z6ChC6HkTReY108LQpWtCyAtMrXzHUb0R5x09VDdniXJ58fYZkt9tVrg_kCd5m6PkLFnnd8etQYSi9FoAFsbFBKKpx0ppWZ9Bq_VZDtvlsStVbcjRtf7t0HPZ92c2dIGmUYGcXdLXPg_fWPd_T-wjohx7gnwl3D0T-78Eza38oc_YoZecbsK9pyxu4iZsQ_tppF7AyspqDlAFVGfPwTQ1PBxbstqCexzEzU57sR0tvDzLE7AKRtBNHNM7muxzO5XU4TLh8YVw70NJWpnpazH5uu1eiNtlH9UBMALVE8RcqGOSSuCX7YPeZHsbfxmaTiXqvqasIeh8YA2jd8_V3EkxLYsXaRVmSw-3sqtKB-QM4D7UC7zDfHPff5tp15MPUT_7xzCNMCciRF85kUpqKzN3mBefdU9uhEKzJEoTRQeDAb7lhEsr0cUGUJB0jxNHVA1xYaOtPHXQf0rLUbqVsOI1Y62wqq7BFI57itCrJeTGwF6GmLPjNkb3h5NIxTHKXHBpdGrB837w8CFeXPLwpcciGslqM_8RnIzmH_i-EA56IhcMYiVg7yia_S_ol0folhwQuDsH5MPN8iJGv-Xek1_9AgoutAkuv5Io6ZI0Y2VP0Ujc8ecq-RjuYZLCWi-3DPS226qINxRG5ZMs3aoyt31_bTlSA-DeelcFRyqJy3Ih6QlqW8OqldjRpZlrSiKqn-Q7ROiyu2ZlanHxe32DC_Qxur97EwS6PmQRXVjucu8FfzYZFnocQc46koaYb_8FWfOv5722Vsi33xKdHAlVdJZju_MW0Ph0ongBsJIfi2333kEcyNOOPFPncaTsUvUIdrmJERm-BVyFzKY8Kr4v9r4IJ0okyOiPKRTj6BqJyls21W1u3wWw0ZhkPIwmv9AtXUQf0-VV5ZecsljhiaD1L1BMCyMEVOokjYwgP5AQLgWBjN0ETkKG24pxycelBaeyZ1SXFllhWAI4V6yBnxLMHB__uQKnnMMlqliVksQcE8qz04rb1gfVRXMv7vhZrvmrXbIPLvmEhr1Y27ETjL0NXZNximWeerakaNcUlGTsXia8vSCOZhZSEGn0aC0WzOp_iMpgbUSVR5QEcrIx2Qa_8SwT_BPshyMqFgVCs78eyZinjpolhn_L3cwf4IwyWUO0OixmYvoeb4GQYPn9SUL0vefK6gYX-uKYxzpcgyC5qUEKVGg_0WJegopC3RXdyqY-O2OkjqU-ywBoRxzlB6bo8YPxOstXcUJVDYyj4m38hCO5FEF_wvk7fJnzb0hm5wII4mtmqcLzjmw5504macfyB01vqe14E9I0RpZEiAyUZb-mSEI5696ipqZ-93ETqWwTwRyGhFnQB_lAsgjAGzNnNzbjWP_m4lM06uhdyqCN7UmECXZWNG_OsKcwJHlipy3aAPBq2R8qpWFvsRARGHQwCkpPWiQvnpvaM1GCPAu5AO0_BaxzpoGWLk2sSSDsq5cDFLOLtyAiCN4Fc7enqU4dOgl87rYd6Fb6Xb2AmN2GLXMVT4n8S1MaHiLkOARKZNK721_rLokwb9YPmGwH1qYOFbkAngsBv8mpD81HyhYOp-QYVFKqrxrY-Yfu9T8xxFpPf15TohcPnbCqyQqWr7NRwWlsbEq8cTvrqyOwKbN3swM96gJdFv7juu5vjp2mMdNhAbnYNHQ9JKU8ogM6XQpKvGCDVmtnkRvRDnQrAgFzet7PRzBnR_yrjDSQhslpiA3lWGCFsk6KUs2zL1sqiCBJiCi5aEiXpyVOwKJm792d32Yph-iWOZkAaPJFn2dtdmW9Km-x0jzMMTM0Mi3IMAm7DgFkNIk8FI1tmsv1NxszFLALEWtP3jhya2ImS-3teJ-lLk_011BbAqw-d0L34FCPQMx6VZvuhlgdtRNZ70DlkqGhXUVX5Oc2Kz7yC34Qbw3hGtgrLkq0KsxNQp7IRoTJz-6Ur04-ewhxUoxwu6NrWsPpUldyKII1kKgn9I_ZwXl22KLBwV70O8ClMpazWLlTndpqxMglaxXA1FAvS2OuOgoEbBB7D3lXkh5Nm4b6nB9OU7Dboe-X49hONC1OBkHXsIR07UB0rWzqTfCCV6_NvrLa5ZpEf6fREuMn9p3M2fWiyYGxb_a8hn2crEPJE-BnpB4IdlX1zq1gTn1pOneXo0HNw4ZtOv1EySgNh1afjoO8Un__J_i9-1b_Bib-fO4tLTxALCBa2O1KE4Dk-tTXP3c0eSzgU47yUiCC0xT84BX4Ru5dRyKVnOEoiO1z8bbajEDfT-sjDNL-BWKsGAtqVTTe7ihCmVZmzv-GWoFOJQy02JNHICt5PIXph4H_nZjftaANlasvG0D_jef0gQephBWXikbKbHtn1r_ZlnO3Z6DD5MYJMlMcm9Aqx1UM50ltMlkZnxxjDjJFNoK4DnUfrVN3igVGRlGgGosZkdCfLCYGBtjduKv-YEdU79YXDqHKK1HWYSRnaYo9zjv2ipPKMlXkqr_AmWyr31eRe0GDW1MsmglzWYkOATMOe77L3AxyzwFNE3aUVqI-nagrYH7t8G-Gni8lABIaNp53UXGRZVnoquh7MuC7PQRCjRNXaderbPDjdIQAOtYQIpQR_jy0CjwJQbuDItjXhys4DEMh-xSGFpvQwK09CjF-lJ__tPuO7mJoaE8Nr089s&pr=8:62A8D3AAF8B8545E&cid=CAQSGwDq26N9YxPK2NBEq0QaLh2xBQmZxnjZ-4dNrhgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252Fa%252Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 07:05:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 02F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9Wu_kc1KRwtvf5mlvvK7NoStToCmelao-_swx40ne-I2_N5qLbGiPmiTQ1EmiGLFdoC-B-jVRmMXFVonoAqhz8i33GqeTu0WeN4C_6NDsrZJThSVOVnXdhbBW52FUl9zc6jyzQpaxgSyyI0a4nC1Rpqt-L49YdXJPFh7biAQi2XpRpthdAedw1_95QOdhQZOLc9aJUb0_9eT-s7pdVQ0sn8_DAneRLr4I0imCzOIYmy57s1Gk8GzJ4pO_3ILjusn-19rTwEVwsd9q_EOpraUzzio-hRs6Zfl9wrf3Dvfqh_kXZzdAkLfDCW2un80&sai=AMfl-YROsW7b1I0JlDsda1-Tzx_buXcYR5CEUz5SitvEQCi_VBmXFWAWFEMdX6GcolAAjQmSCq74LnKxIYdcK8tQbfzE3lV5Hg59NGhDGWkTGE9fqJwtTe7pJsr8LfC33zP2Ig&sig=Cg0ArKJSzIBvPWX-PWI9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 07:05:45 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 6120 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 20:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 20:48:29 GMT
usync.js
eus.rubiconproject.com/ Frame 493B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=as&co=nz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8d638e1958800f6491b47b547805d16cb0e6a60e9b93f9d36d0ae034e14003f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=as&co=nz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 00:33:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62843
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 00:33:09 GMT
truncated
/ Frame 02F3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b4d50440744de3e1589cc29cf8262457a06f0fae03e63358b159b483f09882d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 3B0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZeM-wyf1u8bqpszhV5IwP7cvNaQmArFENJrzym4ZGTJ6GCD9-WBVBaYmr3ibtt1UIQrcqdTlwBhA3G52xz5N0KpfGVQV3d_X6Fuo3134L2_SnrfEUilj6tUXTrLJgsgtHoJH9jminE5BGfCAfmBrOw10CDYETbOuzT0U7vYVHWaSUjqXe76oqwxWO9lSdnPLtrwkcbWog6FfM214z2MH_wLdvA7YfXZvaXmmjX4UV3DS8ya1OqueSdFwEt5513YGHox3hDzsduJcv-qV7v3_7mrylgYEVsHqIDAwTgQyn9RdCVmKNECq6IiVxXWJvBQM3cEOOfVMvejduMtKVIMdbTXw55XP5dP8EbLHAn2xot0Js0_tEd55ooFfYK5I7mYksLQFTP0oR_JGEMsphRFFESmZvo2Nh0DLSHJJpEGxanj330xNyaIz8-hN7Jt__UdpZJe_pVqPQtxRxLqP_hPI-DrnBydwls-Je7Tvi2D0Rts_m-UuDOTqUF1odCBUDvXqKCOQa2K1VPdKCzMuuKwOdatpsMjwArs5b1LWvBB7QnE5y7p5n1ZoBpT9B0XPOQH9Bh_DIDK-9PgdddFQolqTvnGkcoWNm6OoEyjjXcCTUxYJiXF2GXMMBr1L3MpB0hEwB2GXgAdmDLrf93M13kz88pHOvTC7TpifGKNYQJLCMR7p3cAKg1aTRr4lVXbY9uoL6inXMAYe5ZxcPjuI2kTruYZtzG5Pg-abMoG2XZfD0sgUN7WQ2jt3W68m0QOFuzbEiRRhTUc0Gc8hGqqP5piSwF_WD0heDY6h6mV9ggHm6QhMpkYozw5L8zyxw_MqzO-Ev25T4Y4YYVBsGrumDmX4LOWVNqPL5Y-sKIqqVggeDYr7kDMC6VMfZC5D68gSJ9iODEZBoKwe1PWfK12UHpm-cMGlaN2WiRz9D-TxkjrrWEQJRhZJ1gQciLoYcoc_upVsX3zM1bg9ofD92fkAj2P97P_koDGfXXzZy76xw-61spLdMeHrphJ7MNdfOxk9PJBtXqT5C2s0hA9hH0aPLKmZKFISP-NQBeNOp-db5qE6JUO591YR38eD36liOKazMtmNC_pYMlyDvhuF4bPCwv7dyL68jXgNbvWS1jSftvagJTJEaZD-hqbPesTRrXcI1VIt8oOsAWLZYVHAILo1vrKQt-EXDU7MyzgSP0jjaSLPT5m7JkK1R4kH_Vw&sai=AMfl-YT7dL1O-wySm0Vjd594QPery7ap8CFIrxqltZdr72tJQ_LugOngl5vue_7daokddRGDUEBPYpWlgsDNhkAQ63PnofS4_7Xwwu7IDCMyyK_vzvPjq5vB50NwRGrYEVMlRgyrWp4phqG49w_K62TeYPbyQ1gIMTaM6AHW3a85BbVCGayeV_hW6hVYvwojh8v5WDoeizZcSPmpo8z4Z1GIEObQri33B5dXGweN5u9ZqOg0uoAVkeB8o378z6G_i3nkAcGOcBsZPtD_7O1iWqCp72M1MoxgaGJLAQGqQUOn4Jc005Lio3-OwVtv4czVzO4mReh02D9R4aKk35Zng0CKuVYF-7JLK0HzpLHNxHi78zK1jxOY7BgU-Jj-Kngym2tXMHEcSMZbzMY3arKXH66M2atiOw&sig=Cg0ArKJSzD67wk1DHH5IEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1056&vt=11&dtpt=1055&dett=2&cstd=0&cisv=r20221207.78332&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 07:05:46 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DC16 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
583097
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Dec 2022 13:07:29 GMT
expires
Fri, 08 Dec 2023 13:07:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6120 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbWC9R8eaY-_6M4XGvQSvgJnYBQAAAAA4AeAEAg&bg=!zM-lz4vNAAYgquz3AKo7ACkAdvg8WphPf9FSBrV6ndcDq8LcilPaY2R9QSmcscMTxNnX-YGqStXGUwIAAABkUgAAAANoAQcKAAdeYjFpnin0mQLpKc6dcT3MP6kfiZ9UxKmvv4KCev0ro3fw1sGVaESU4ZyHEK4oTzmLDAC-hH-XE0TPaaevRA8leTsU5-skXIuB9TuwQwH2HaOQiIf3RCfqDXi-SFSdT9NXtFH-c0wxAbTVNSnQwqIh2f5TXTTo5jfrE3oIU6EfMgq7OpBnGOwAPbq3FXyX12HdhfQzvMnj3a8uHCtSvQY_vNaq2WNac8afV_WlCpKD6zcEzpDzPfkMkt2qAxfj_rVNj1snABmDWOpYyAV4jUwT1cFsSVz7guH7binXCXVi1AHKo7_E2jctxOpPxjloLtFWB2uyPCCOuYD9k6Z2g57rjCK0jS4M95MfZgl_nQ4ILiN0D9GgqKmC3BuRbqDVhAI4UvuoZk-QWa1Qu9m_7GCHKQ2j8dwLen3Sp7sDd6vYFJd2VDSCF-ftraw0m-fbgVnk4D61qdbR3VV5aDbMniMJxPgtcO1ThlIuC5Q_20g7o8taxjvrCqa1pI_pOVk8fqbZewBHNpF85MPmqlfHMUY2YhGBc2WR3Lt8325jfXsOqlSRnvSy5-4YRsdwDOm24G6GwgHO1ba54MzUT0amnkfGykA1USn-E1CJlLCRP-GP0KnmEzNIvOyBzbgY0CDl0gR3bjOBZ6nM7r_2NlcLyyy7tLk50QegBeMizI8-TMyM_h7iuOuaTmMjQWoZk-gFRyDIJ2diWm4asjcLgw0d-hYFcSg1bzsQx6C90rAA7KzIbwwtgttuGJfHfX_2MHl24lPVKlxnK5aYB9BdFYMVroQipWO9HUo25W24o6fO79Bm9HJQtADtWsg3PWJwLXsy7MAA-2JdlTm4LhsRF0H1VGF9PI6fQK0soCLRW5xuIMGK4_0Tyx82ygytbq1f5LcyVxDuA7Io3Mt4QJ8ebjfQ4M-byv08XeltcnsZLYK8K7sYuyo0BS34bh0upieEdURUs3bNiJqWFxMdb4VexrsLEmMGij2GIi9z-X0mHEidI9LQo_W3RQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 493B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGlSDp6R5GVhkQCjgjAU4qQ&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGlSDp6R5GVhkQCjgjAU4qQ&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGlSDp6R5GVhkQCjgjAU4qQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 493B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RvqOOwlwT6Gciu4bftQD0g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RvqOOwlwT6Gciu4bftQD0g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RvqOOwlwT6Gciu4bftQD0g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W72BPFYJMVW4AN8M38JN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RvqOOwlwT6Gciu4bftQD0g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 493B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_-DD6AkqT5qQuvGMGN9qqg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_-DD6AkqT5qQuvGMGN9qqg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_-DD6AkqT5qQuvGMGN9qqg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MDAE3PR06M2SQNWEKVTB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_-DD6AkqT5qQuvGMGN9qqg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 493B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOQM4O6-Q-82ZG
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOQM4O6-Q-82ZG
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:47 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: ED895840F6724E1383A80E12AD998C46 Ref B: SYD03EDGE0805 Ref C: 2022-12-15T07:05:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv2HuFocENKhLAVl5y5g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOQM4O6-Q-82ZG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 493B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhiMTBlZTlmZWFiNzAwNzZiYzM4NTM5Zjk0OTNlMzk0ZGU1N2VkMw
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhiMTBlZTlmZWFiNzAwNzZiYzM4NTM5Zjk0OTNlMzk0ZGU1N2VkMw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhiMTBlZTlmZWFiNzAwNzZiYzM4NTM5Zjk0OTNlMzk0ZGU1N2VkMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 493B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=09f3ca05-37ac-4c11-9d08-af20dbd13389&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=09f3ca05-37ac-4c11-9d08-af20dbd13389&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=09f3ca05-37ac-4c11-9d08-af20dbd13389&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 493B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPUU00TzYtUS04MlpH
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPUU00TzYtUS04MlpH
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPUU00TzYtUS04MlpH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 493B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3AlVRlELcCeZENwdEAl3Ng?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6O9pp5BE2oJVXjd3u5WfpGHK6IJxQgLXpToMNg--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6O9pp5BE2oJVXjd3u5WfpGHK6IJxQgLXpToMNg--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 15 Dec 2022 07:05:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6O9pp5BE2oJVXjd3u5WfpGHK6IJxQgLXpToMNg--~A
content-length
0
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame DC16 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 20:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 20:48:29 GMT
all
csm.as.criteo.net/ Frame A04D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=BiDyXUOfcFnNxl9yPeT6AHb1JPmUm0tkF9U4ggbd6BxoSaOQcnoskZSKfh894kvFOAwJXTWxa4rkuVGl-2PcP3PD7Odhck_F__Vzh5a7qY81LF3kOItA3z-nTPTR-CZ-xGon6GrtGw9NTD1ygR1IQE4QVIUWY8Hb3es86zY091ibTfgUJ9HBZZaaPWjOh9YeX15-5KC_3wpyg0PYXUdXEDeghggFWoIIbVP20gA3Zd1nGp8vno9GzCjNCmOR89d7hLuCNQ&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5rHRwAM_XAKj2MFAAZAL1SIapmJmpNPLucB6w&u=%7CAZeI9VodCXBAwGhvsoLI7Vvoaorni2kxbE3IwCGwK6Q%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Gxs29Hw1nMw7CD1aE8Y8RYa-KP5J90Ek2McRlSOLrjmhda4mBr8qLoVUnGkOOw36jxz18zhZ6wdVCSpGL0-LI86GS9EivT5Wgi-QBFTy8hRrTVnIliAUFKsPi1STneCmiCpeS7INFn0NxoOXi8DK0SKb4uIm0c4RFukkkTWlL_NfimStO-yz2Tse1wbmydg5wGP_hOmCHEYMcGhlv2JuzirxiKb7weY6or2Y0ILLiGWxZyjT96fLDcppWRJKS1RMa-BAxyaWZkhjpvFyrb1IvpEyaeHtaoFEJQ0GPY38Oc1A6adUHQmgD7cilUS0ENDziWYxgDtXmVT05aHmUXqMd5eHA0Be0jcjRk8zu_YNMv4oCNbwveOe5ojx1a9DqKJi9KrR4MLzfXEWW8ROjafWmu0CyEFEvgMQ1BlxHrnv9VPdphqSfzVJAmjQmIKz4R0K3nkjyVQD9xXr4iWH0_VO5nHHLAl0kaEDKSiT1BPj-DzVWupTmuvpt19teTy3HZWq33j-6xfuRz9G9PLnFFURw5lSU6XPa_-GL5jNt6zQBuKAoQUGmGCle4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYyZTR8eaY_D6M4XGvQSvgJnYBZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkkHjf45B6c-4AIAqAMBqgTLAk_QlBkeEwo4gBdw2i-DLVseL7JArKVQGSW4o8kdDBdduhI1cMNcZumRuEL9ZlmSi4r06KfL8Rh4W7wqXX3sWIkv1itMSgu4AnrAMQQWyHv9dkSBNaI6Tsluvvg16HGsxevQ7OPBz7yY1asDPnDqgg-qmidBFT4qapnnoLDQAGAE8LCM68wzeQVTOoatWASuMvd787v1NA-BYVt_tvyTF_R94QtwyAOeK2YT7gfXlHFetFulxoGPoaXFJjbQl5x_FtMK5xB91e1jMBFy3rqVCMHqxhYHJlz1HC9lOQg8ZKu2wAmSMPZPradio20zCcRJfSD895cKLCxvCyx-M1c6tW_qRWHKkD2upD2OY0rrQY_A2c2nNe72SaRKiav6DUggkup4vFZEzLldXDIwN731A6OkmY6amvIk5Y4MlaJXLjI98NoOjpY1zQ0p1_PgBAGABoX6hoW2seacWaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JRPWdD2pVUZJwQCMywDxuB9lONg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 07:05:45 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 15 Dec 2022 07:05:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
224649
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		351 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
269c201a2ca7bb172d46979b155719e93a3697773962d72645d5e672a8054025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1172072
expires
0
rid
match.adsrvr.org/track/ 		108 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
573d0497c2358cbaff9fb48cd350fbeb7762aa24b68cc409904a80898201c000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 07:05:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 14 Jan 2023 07:05:46 GMT
sync
eb2.3lift.com/ Frame 6232
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
2db5070733ba10572e20197ab5a6a87432d6547bd1d741f7e43c7f56f0eb0510

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 07:05:47 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 15 Dec 2022 07:05:47 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame BEB2 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
853174d0d65a0974fbde48e2d9268a6e782098adafe744a333c139939be0bc8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=169885
content-encoding
gzip
content-length
11800
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 07:05:47 GMT
expires
Sat, 17 Dec 2022 06:17:12 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 1B1E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
995
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
779d5534ab781c51-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 07:05:46 GMT
expires
Thu, 15 Dec 2022 11:05:46 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame D40E 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.228.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-228-27.lax50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
69903
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 14 Dec 2022 11:40:45 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 47e2c0381c3ebcfdb6d75ac56c4e9d24.cloudfront.net (CloudFront)
x-amz-cf-id
D5JnsD2TliqnPk5FTppWTn-KQqUKmOGIYG6njQFS3C0KRa6sZOXRUQ==
x-amz-cf-pop
LAX50-C3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 77F4 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1671087942466
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C2F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
42153
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 15 Dec 2022 07:05:47 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 02 Dec 2022 04:31:25 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
50, 33831
X-Served-By
cache-lga13626-LGA, cache-mel11266-MEL
X-Timer
S1671087947.076425,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 4256 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 07:05:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame F9C9 		533 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4cbb517783e3b77317d8c554c0f68b8814105ded61040cd20f9e1d644c096ef5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
323
content-type
text/html
date
Thu, 15 Dec 2022 07:05:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
58fc60f40dd4435497330822cdf657c5_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221213/ Frame E6C3 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221213/58fc60f40dd4435497330822cdf657c5_cpn_336x280_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
29cf25c600fbcb19402374249a002f7885df857c2ecf166e23e7a3ecc59d0239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 13 Dec 2022 17:14:57 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6398b311-850d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
34061
expires
Sun, 10 Dec 2023 07:05:46 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 02F3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxchBA6nlD2VFRw4HkIspW0kKo1ScPoSE2IvjYQGjJrC1Qvnu_fqqIqPFtj3x2t1PF7mwO31EQ5Oztlwj5aKekIyzDcHxsG5cSV4sc09_pZtHnsBx4&sig=Cg0ArKJSzA7y7X6BMfttEAE&id=lidar2&mcvt=1001&p=60,450,310,750&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671087944458&rpt=1408&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 02F3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspFUKPjm5lvko71gm4WUb9lTdadBR6PysdGQmfnW9RZJ7X15pN3Bnc24wxbalelZnUil443IAppdahvk3h2tmgzcgf34LImvI&sig=Cg0ArKJSzH1IFO6JBo-qEAE&id=lidar2&mcvt=1003&p=0,0,250,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671087944458&rpt=1412&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC16 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8NirSMeaY7r-JKrR3LUPnvG7kAoAAAAAOAHgBAI&bg=!dXaldjLNAAYgquz3AKo7ACkAdvg8WhlQwl4E48LIbWfVprX_jXzZoWE-ge3Zoh2DzZlRIDKfMVnCmQIAAABZUgAAAAJoAQeZArmHbgcFapWbAFckzwnejLq4CYGQDU-dsxX1b1nljpRPM6nOOjdh6cPhnoNgTJ-gVKuA811tx969Piay0-KOTy-WD1BLIiQjw-PKk8fM5TXPQ6bNZ6a-mNc3cklzF4ELKX0nlGMp9Z89VSNX4h4mDb6mnd8Tafn_TUsA5KsuHXHIzACPvUf4cKtgeSvCz7kNwGWrvDU7DIMweCBk_Vu-eaZoJk5cEwMSMOqXAu6z0GNHtI1ChYul0NaQkp4HtZxQU3AKMcnTYNr6AaJYRHmf38UgwA2i4a7W4HMIv0TaeFUArOO9TqiGEdGCHjPX9FyoyllXOB-8xlWSQq95_MET3UTUBQHnbJodnVccaVrbaBCH_-mzo53YKihMktH7qnHeDcBBBQiC3WI2lTCve1rk18H8boRzyg0P402pvh3wsUUEn-wN0AM7WUuyhOZP_7cX-vQjxNjWcMXZRP9KUzeuma7d-7h8h46HhgKz9V7LR664KJtGhIY6ezPEaj1RaDY88sTSr53Id9c3g6qsl_ukA8pnFH0q_4_ZjCHPsNCUgqL7dwCgNyrhSkOeNJNcKgUd_8eb-5GBw4Gr__f4Y8u3SgJ8jRh9-Rfg6oK6SK3PqSrtVvlJMFOaNI4d7LJq-vL-EDRU8hOT_9nbK6uOfuSQ-O_3TVaO1aaU7JI_a2m008bsCQSjo_dKmj9ivBzYtHZMofOwTfuz2Ym5ipeMYlogy5gDPE8PEMisAR4dFVOV-kapKPncm9Z-1nsjTORyrHguMCLIkIyuGCsUZWEb5L7_0jcT5gE28TH44dc1TKO-aFfFEZHfkSZTl_pmuxdCewmYJ4L44EvQE1pp6aT1ZaCVwguDRe-VUwI9K17NHXobxtB2iFUhzvJoZm6bXtsn5QN9UVlnrG7zl6pz3hdXG2FrrXBTV2JufIq5JemE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F9C9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8413649442431883293&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8413649442431883293&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8413649442431883293&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame F9C9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e7323199-9298-739c-ed96-64ee94473926&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=09f3ca05-37ac-4c11-9d08-af20dbd13389&ttd_puid=e7323199-9298-739c-ed96-64ee94473926&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=09f3ca05-37ac-4c11-9d08-af20dbd13389&ttd_puid=e7323199-9298-739c-ed96-64ee94473926&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=09f3ca05-37ac-4c11-9d08-af20dbd13389&ttd_puid=e7323199-9298-739c-ed96-64ee94473926&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame F9C9
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y5rHS8Co8YEAAHUVulIAAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y5rHS8Co8YEAAHUVulIAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 15 Dec 2022 07:05:47 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.215","key":"Y5rHS8Co8YEAAHUVulIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad208"}
X-SO-Key
Y5rHS8Co8YEAAHUVulIAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad208
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y5rHS8Co8YEAAHUVulIAAAAA
Cache-Control
private
X-SO-HostName
m-ad208.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
X-SO-IP
116.90.74.215
sd
jp-u.openx.net/w/1.0/ Frame F9C9
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXtsmFjs4wWQks8ADzHoqy5dl88AAAGFFJqBDQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXtsmFjs4wWQks8ADzHoqy5dl88AAAGFFJqBDQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
via
1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXtsmFjs4wWQks8ADzHoqy5dl88AAAGFFJqBDQ
cache-control
no-cache
content-length
0
x-amz-cf-id
jAy95NV-23M_H1DLZ8Ta4v_whg7I88y2i7BsvqBBtkmRn36rjT8kCQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame F9C9 		170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2I1ZGUyNTMtNWJlZi0yZDM4LWY4NzYtM2U1NzVlYTVmNzQ2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F9C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArkDgknB1A80rIJesx_3_8&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArkDgknB1A80rIJesx_3_8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArkDgknB1A80rIJesx_3_8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4256 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8d638e1958800f6491b47b547805d16cb0e6a60e9b93f9d36d0ae034e14003f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 00:33:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62842
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 00:33:09 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A6E0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05dba8674db4023a807a4e7f26b326fb72b5bdc22e265f6ea4451a3046be4a7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779d55372ace1c5e-AKL
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 07:05:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOe4tMC9gn8juEtoBL7BO90l7NHld1S91i7014hW9IvYE7DgZbNhv5oesiqdYGQ8%2F8nZgm09ThX3J6CJgHTPzgSgVIG%2BfuJYVT0LqHtHYsyB9kOHc%2F9UOOM3UHLPENdVHppLZN6qbWDtAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B0C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnXhZ_0K9Vij74cLNe9Kmjwcl6SJlAZaNvKz8pqzMEVafoOq1g6d4Z7fsIvOxtmbAUe2bZGpSA5qssM0MqaHb9TDbZGqNKL8M8Yib2buVSRu0e6d6QNK7O8A&sai=AMfl-YRUJoK3BFbJ0TPrYAdUAG-3gqPPopQGJhWPyAaxFmS-iNxPQd7thVH0yqnhqfWK5yQNWY3Z7TmThSBTEKMCLPYfAVNvlz6F8ECq4lq6phd-iKXNK82uSHeE2uq9xeA&sig=Cg0ArKJSzKQFYl_fvWV0EAE&cid=CAQSPADq26N9mP2IMUapcyROEXxf3luQl5zlIeJrWb6jVytNluRWyMWs3tHPbJjdxHmI2ms99NrxYoYHQHjd6RgBIBM&id=lidar2&mcvt=1015&p=1110,436,1200,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671087944490&rpt=1565&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A2F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoD20IOYis6tSX5MMH8eTVjUx0hjlg554qnSEZdstq1zLT949t1CXBAw_9THy_tMZtxGetGvwH42kWn6Wq3C09frug&sig=Cg0ArKJSzDFo-d1oTmOuEAE&cid=CAASFeRoBz_b0Hj-_dwgM0AQEJLb2XssZg&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671087944496&rpt=1627&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6C2F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:47 GMT
AN-X-Request-Uuid
127950b3-b0a2-4678-9d99-b50e59103843
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AB69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2842437599832549&bg=!b2ylbCjNAAYgquz3AKo7ACkAdvg8Wo-Aa5lWo92kWfiCnpCcAVaCsURQa_i1PCAKQvmGK2abvtDasQIAAABuUgAAAAJoAQeZAsstPRsDimRBszkoBpJnjsUQCUnqEFGvqrGAJpwBpXaN_cwG_DEeLc2rXCWLGFDm77R5GZ5_eFomLJkshrNHLmsu3M-cd_dvpjbKZEPZFYeZLfnkz7BlHPfrcwass9SMb6PBx3kSvANaZeM-1vcM4q6AuMNHSr63vUibyozQyoEFibndoz_tgkJ0Ja2GMt35dGI67lFBoNITEMv2sGAwhFuRz6gr2MIyck9QZz3q5gPsZvNeedVB4VCWqAJscMXZahnEUe_5GmlpyHVDFb1JHpy4-eqa1diihs2ZMROHuhQ0qFB3fZ2iJupnecqhCwll9FUbce5MyKNGOZ79jv8qbJcVubiSF30rab0bx5IN8Onno-Oz1qghJOrg92BdiQH2Zz9oHvzcdTxDpSlTaO4tRMr6REw-p-xLQY6a3SQXVVk8xW2gQYf8BhI8fwpoegW9h0KEW8AkYsH-mvfSZotUkXjxUnPq1sVZd5gTVoFUP2ovFd0tT1nIm8rocDY2W9FiVphXSG-7Oe4rJb_uuBklxDEz3T1TFXdJ5-ZZ-ciedLjWUSVjs9s0vnbDBdktW1WMuLBA7dZ6FwQH55DUNWdjAFB1UxYHqcgz62fZfuYthHnzspfOq88_CoXVns-yyWwuyC1n5yC2-g8gYVrCcTe75u9CjWg2jXs3WeKH5M466SKM5n0vwgcL1NO21ZiHOBH7SuOdbWsB3tAQSaF-BwUUF6QNzx3dOvmSUdpx6EfBmOsmiq6iLxxiVaRrj81fga3yVi4ztfM-tx35a9cFxxReZL8_NyoWTmqCJL7HxCJdiNOAa0zjcluIFJtg53vYaUFuywMKKlbsJrklmUxAKiDPHgbtPsk5D_FJlmAH1P35L7ZWWuV5u1C_fmuUhPWAWmXoLJJcOad1trxUNCePwT8F1gSWToIX1NFGkuIK-G77zqf9FstKUtJdnaJBQSMa
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
gum.criteo.com/ Frame BEB2 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
419759
expires
60
usync.html
eus.rubiconproject.com/ Frame 61CD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 07:05:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 07:05:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 82A4
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Drkt%26refUrl%3D%26vid%3D108794743431408954774455100...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=rkt&refUrl=&vid=10879474343140895477445510000V10&ovsid=1974054390676905442
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=rkt&refUrl=&vid=10879474343140895477445510000V10&ovsid=1974054390676905442
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Thu, 15 Dec 2022 07:05:49 GMT
expires
Thu, 15 Dec 2022 07:05:49 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 15 Dec 2022 07:05:49 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=rkt&refUrl=&vid=10879474343140895477445510000V10&ovsid=1974054390676905442
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 130C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dpba%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58353
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 07:05:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 23:18:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame BEB2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dapx%26refUrl%3D%26vid%3D10879474343140895477445510000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=apx&refUrl=&vid=10879474343140895477445510000V10&ovsid=5270892766898541225
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=apx&refUrl=&vid=10879474343140895477445510000V10&ovsid=5270892766898541225
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 07:05:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 07:05:47 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:47 GMT
AN-X-Request-Uuid
2f68e609-a1fa-416a-a29b-a9c36bbfe1c8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=apx&refUrl=&vid=10879474343140895477445510000V10&ovsid=5270892766898541225
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame BEB2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3140895477445510...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=opx&refUrl=&vid=10879474343140895477445510000V10&ovsid=2f1e5806-3998-497c-8ed9-1a8026a8abfa
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=opx&refUrl=&vid=10879474343140895477445510000V10&ovsid=2f1e5806-3998-497c-8ed9-1a8026a8abfa
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 07:05:47 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 07:05:47 GMT

Redirect headers

date
Thu, 15 Dec 2022 07:05:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3140895477445510000V10&type=opx&refUrl=&vid=10879474343140895477445510000V10&ovsid=2f1e5806-3998-497c-8ed9-1a8026a8abfa
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame BEB2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dmma%26refUrl%3D%26vid%3D108794743431408954774455...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=mma&refUrl=&vid=10879474343140895477445510000V10&ovsid=03f6639a-c74b-4000-a2dc-fc0add57bdb0
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=mma&refUrl=&vid=10879474343140895477445510000V10&ovsid=03f6639a-c74b-4000-a2dc-fc0add57bdb0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 07:05:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 07:05:48 GMT

Redirect headers

Date
Thu, 15 Dec 2022 07:05:48 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=mma&refUrl=&vid=10879474343140895477445510000V10&ovsid=03f6639a-c74b-4000-a2dc-fc0add57bdb0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 07:05:47 GMT
RX-1e3536eb-2823-4118-a15f-d15d85226c95-004
sync.targeting.unrulymedia.com/csync/ Frame BEB2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dr1%26refUrl%3D%26vid%3D10879474343140895477...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dr1%26refUrl%3D%26vid%3D10879474343140...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1483351523
  • https://sync.1rx.io/usersync/tradedesk/09f3ca05-37ac-4c11-9d08-af20dbd13389
  • https://sync.targeting.unrulymedia.com/csync/RX-1e3536eb-2823-4118-a15f-d15d85226c95-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e3536eb-2823-4118-a15f-d15d85226c95-004
0
0
cksync
cs.media.net/ Frame BEB2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE0MDg5NTQ3NzQ0NTUxMDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELxTng2TQA5UZuaEZLqIZJk&google_cver=1
45 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELxTng2TQA5UZuaEZLqIZJk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 07:05:47 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELxTng2TQA5UZuaEZLqIZJk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame BEB2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Ddxu%26refUrl%3D%26vid%3D10879474343140895477445...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Ddxu%26refUrl%3D%26vid%3D10879474343140895...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=dxu&refUrl=&vid=10879474343140895477445510000V10&ovsid=kg3eoGgb1P5Ijq5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=dxu&refUrl=&vid=10879474343140895477445510000V10&ovsid=kg3eoGgb1P5Ijq5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 07:05:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 07:05:48 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:48 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0d347ca036a683313@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3140895477445510000V10&type=dxu&refUrl=&vid=10879474343140895477445510000V10&ovsid=kg3eoGgb1P5Ijq5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame BEB2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1208dfd5-91c6-4226-be72-5c97859bc59f
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1208dfd5-91c6-4226-be72-5c97859bc59f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 07:05:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 07:05:48 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1208dfd5-91c6-4226-be72-5c97859bc59f
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
999782
content-length
0
expires
Thu, 15 Dec 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame BEB2 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame BEB2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3140895477445510000V10%26type%3Dzem%26refUrl%3D%26vid%3D10879474343140895477445510...
  • https://stags.bluekai.com/site/23178?id=pli0AfN0iVCwZAmrBxhB&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLQNRUTAQLGJYYGSVSDO5NEC3LSIJ4GQ...
0
0
cksync.php
contextual.media.net/ Frame BEB2
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3140895477445510000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3140895477445510000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=76cf46f3-7cb4-467b-bb94-82a960eb77fa&cs=1
0
0
cksync
cs.media.net/ Frame BEB2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=09f3ca05-37ac-4c11-9d08-af20dbd13389
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=09f3ca05-37ac-4c11-9d08-af20dbd13389
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 07:05:48 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=09f3ca05-37ac-4c11-9d08-af20dbd13389
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
xuid
eb2.3lift.com/ Frame 6232
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=09f3ca05-37ac-4c11-9d08-af20dbd13389&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=09f3ca05-37ac-4c11-9d08-af20dbd13389&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 07:05:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=09f3ca05-37ac-4c11-9d08-af20dbd13389&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 6232
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAzNjQzMTQzMDc2MjYxNTY5MzU2Mg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6232
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIJTBGLsB_q1K6xQYJu5Kxc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIJTBGLsB_q1K6xQYJu5Kxc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 07:05:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIJTBGLsB_q1K6xQYJu5Kxc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6232
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAzNjQzMTQzMDc2MjYxNTY5MzU2Mg%3D%3D
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAzNjQzMTQzMDc2MjYxNTY5MzU2Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAzNjQzMTQzMDc2MjYxNTY5MzU2Mg%3D%3D
date
Thu, 15 Dec 2022 07:05:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 6232
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4036431430762615693562&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4036431430762615693562&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0dbfe93a-cd89-44ea-bb5e-e20c577a4c0f&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0dbfe93a-cd89-44ea-bb5e-e20c577a4c0f&_noobservation=1&_expected_cookie=b33593b...
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0dbfe93a-cd89-44ea-bb5e-e20c577a4c0f&_noobservation=1&_expected_cookie=b33593b8ce70013f833c97db8ce3a887
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 15 Dec 2022 07:05:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779d55420fa2556f-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0dbfe93a-cd89-44ea-bb5e-e20c577a4c0f&_noobservation=1&_expected_cookie=b33593b8ce70013f833c97db8ce3a887
date
Thu, 15 Dec 2022 07:05:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779d55407e95556f-SYD
content-length
0
/
c1.adform.net/serving/cookie/match/ Frame 6232
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4036431430762615693562&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4036431430762615693562&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
0
0
xuid
eb2.3lift.com/ Frame 6232
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4036431430762615693562?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-OdXmDGhE2oQWY3P_eTYGQPGwSd8nZfrlvhkYMHp5ug--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-OdXmDGhE2oQWY3P_eTYGQPGwSd8nZfrlvhkYMHp5ug--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 07:05:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 15 Dec 2022 07:05:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-OdXmDGhE2oQWY3P_eTYGQPGwSd8nZfrlvhkYMHp5ug--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 6232
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4036431430762615693562
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4036431430762615693562&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4036431430762615693562&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RJ405HJ1N72VVEHZANRH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4036431430762615693562&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 6232 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4036431430762615693562&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
last-modified
Tue, 13 Dec 2022 19:05:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0914827497834FF7BE65048D1B64DD49 Ref B: SYD03EDGE0712 Ref C: 2022-12-15T07:05:48Z
etag
"66efadef25fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 6232
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5270892766898541225&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5270892766898541225&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 07:05:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:48 GMT
AN-X-Request-Uuid
5a77b939-e09e-4118-b1a6-c6e36b99f3dc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=5270892766898541225&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame F388 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.93.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-93-189.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0059f63e482d884c063d4526eec22f6d5875b3a9fe1ee24f2ed85fbce43c6a11

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 15 Dec 2022 07:05:48 GMT
etag
W/"0a77df28f8487ea0ca21baf169aa5079b"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 3970 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 3F91 		729 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3793c9de7db1ba169ff848eb12403215f9c4b220c85daf6500ed84dd46552a74

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
729
content-type
text/html
date
Thu, 15 Dec 2022 07:05:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1511 		2 KB
909 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8dbb82743f1ad694291a4763553dc42941d0655d9a1a2ff99499399ad0b5a2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779d5538bc701c5e-AKL
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 07:05:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7O41h7DeU6m3lE1gYy9CvziSN46Jr8lZWuaVMKz5w%2FivFghIMLMuQfUBOsEMJagbgDgFAjX0pDjnhBzD0FIu6ARsPLErBGTfa5qVnhfbaA0dfdqA7j3kVb0t09vKbu%2Fltz6UytaECendQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 34BE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 07:05:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 07:05:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F638 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58353
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 07:05:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 23:18:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame FF40 		145 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-40.sin2.r.cloudfront.net
Software
/
Resource Hash
87ae2390cfc4331dcc75f06173f9c60048958ca01ee9dc957e9e345afe68c453

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
145
content-type
text/html
date
Thu, 15 Dec 2022 07:05:48 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-id
MVgUMwncfs64OmEoONZCiQL_pVC1J1C09pn3ldHOtEB8wMyy7Fmb3g==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame D40E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5270892766898541225
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5270892766898541225
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:47 GMT
AN-X-Request-Uuid
fec38e96-8c0a-4d68-b8e3-eec62066abc1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=5270892766898541225
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame D40E
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=F0aJCRZHG-HW0w89T_e-Zzr8
0
0
sync
ads.servenobid.com/ Frame D40E
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=F0aJCLZH-po76GTGQNqZ81k4
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=F0aJCLZH-po76GTGQNqZ81k4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 15 Dec 2022 07:05:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=F0aJCLZH-po76GTGQNqZ81k4
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
RX-1e3536eb-2823-4118-a15f-d15d85226c95-004
sync.targeting.unrulymedia.com/csync/ Frame D40E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1671087948343
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4963824870
  • https://sync.1rx.io/usersync/tradedesk/09f3ca05-37ac-4c11-9d08-af20dbd13389
  • https://sync.targeting.unrulymedia.com/csync/RX-1e3536eb-2823-4118-a15f-d15d85226c95-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e3536eb-2823-4118-a15f-d15d85226c95-004
0
0
sync
ads.servenobid.com/ Frame D40E
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1975180290392194244
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1975180290392194244
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1975180290392194244
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame D40E 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame D40E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1476%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D42a96ba1-afc8-46f4-91ab-d22c6a9b57ae%26bidder%3Dappnexus%26cbx%3...
  • https://prebid.a-mo.net/cchain/0/1476?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=42a96ba1-afc8-46f4-91ab-d22c6a9b57ae&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F1476%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D42a96ba1-afc8-46f4-91ab-d22c6a9b57ae%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:49 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F1476%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D42a96ba1-afc8-46f4-91ab-d22c6a9b57ae%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date
Thu, 15 Dec 2022 07:05:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame D40E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
date
Thu, 15 Dec 2022 07:05:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame D40E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zN...
0
0
sync
ads.servenobid.com/ Frame D40E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
date
Thu, 15 Dec 2022 07:05:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/pagead/ Frame 3CFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3629488238436790&bg=!Z2SlZCDNAAYgquz3AKo7ACkAdvg8WsEouhgsbtyKnsbhbfeEPzPkTGxGWnoVvgiP0xPnF4wLPib9qAIAAAD3UgAAAAJoAQeZAsyG4ltTbwWigDhIaXv4ZckEvLFCJ_2ooAdfp5LhkupQwIsW3kKs3BPfvyWGkJEBAV1IbfwkbemMvGYKK0kCiW-vCJy4VOWUGKbl5FUbe2581B6zZcRGbyFzb9XS83zddc-d6rSgtp3wWqt2aUs3ftezgY6KM-YGXLm6bMc8HJV4Mxt0_g_hQkhK1iq5dKGZrXFxPVAT6ifFQ3FoF58fNZr_KurpAr72ZX99dHiywNMAmpJ6OXmzsdKhJlv3bZ6NVaVkfX-h5JoQLXuxucfaD__HHInksgkn1dl9CFPf0bGhta4WD4HSKqGV37-ZGw071qHLsf97L2l-xzLrCsjjAYjfGzwrWnRFGJpElf_392xHtREHSNw2ONgygRQjqZ6ofDpFe3Oax34qjHupTMQ26U_CMOkcr1w_acouEbKk0YOi3kcNbfYp0YyK6HM89S8e_oGnf76HSLa6DnEBEfsyzcepPRKeHJXkbidyrSz8rqP3E1fGBuzCPFAjH1LhlV8waWJIsp7UCqbFfybk7H4edOvAFEeMhNInE2_pF4Nv9F6RjNRTQeQG5C9_UkVk558eCWAuR9_8PsU958xLgTNnw87Sp_--HL01rZbRwkJJKwfw80fbglMul_JyCZNGWCzVsvYeItB-KZO4d56Zgh0ch2m--xvGOH2NVWjUzsnZeShPtKPrRTyqQSKvPs6PcPVabGy9OSoBjH_mWhpDrifDJ5yTa7e6tnadVrzfPhIDLA5rtiXDEHzOOAvh6GX_kmCl3mkbSIZBOJZ_xDofZXQ0aaiJ7JWTb1u4MdbYBeTog6BFZTwLMULw5iiGanEAzIW5dBabj2FFkYKTouYAHdxQH8vXlK1-I_e3roX4gF0ejhqg5ZgJ6Kh-LRIQOOMmMcmNsH3OcqX-hKnLoZhdRmT9s680TFeebyKbSbB3S7QUIX1taMjsGLp2xsAy14VK2w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame A6E0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YCHNW7KQ4NKVT15YMQR6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1GGQHP1QZWEZGWB4703J
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A6E0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=09f3ca05-37ac-4c11-9d08-af20dbd13389&expiration=1673679947&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=09f3ca05-37ac-4c11-9d08-af20dbd13389&expiration=1673679947&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=09f3ca05-37ac-4c11-9d08-af20dbd13389&expiration=1673679947&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame A6E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAjUJPfMiPixS1JvglBy6sE&google_cver=1
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAjUJPfMiPixS1JvglBy6sE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGo9iqmKPyt3b9Gs89gfqYHtcFdbpk2ySw%2BDYKUT8nT%2Bg%2FvDfbUOTvtRmQftlHrYg2S5xFEaj98D6EYxF6r07edqYzN%2FaHSIYdDl4%2BCNAy4%2BShuvynhREXeqLwrhlg%2BXWlykD22KbNPGYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779d553c1beaeea2-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAjUJPfMiPixS1JvglBy6sE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A6E0 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.134.197 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-134-197.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A6E0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.141.134.197 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-134-197.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
date
Thu, 15 Dec 2022 07:05:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame A6E0
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_639ac74c4c9d8&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639ac74c4c9d8
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639ac74c4c9d8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 07:05:48 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639ac74c4c9d8
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
23178
stags.bluekai.com/site/ Frame A6E0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=wUTbNYku3_EFCkfQ-Exh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
0
0
crum
dsum-sec.casalemedia.com/ Frame A6E0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3b3e639a-c74c-4c00-bd06-26829a5e83d4
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3b3e639a-c74c-4c00-bd06-26829a5e83d4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 15 Dec 2022 07:05:48 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3b3e639a-c74c-4c00-bd06-26829a5e83d4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 07:05:47 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame A6E0 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5rHSe37pMogvKGDlAtQ5gAA%265028
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67707
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
779d553dcaee1c56-AKL
content-length
43
expires
Fri, 16 Dec 2022 07:05:48 GMT
crum
dsum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5270892766898541225
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5270892766898541225
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:48 GMT
AN-X-Request-Uuid
9dc4857b-1002-408e-b681-bcd47031a1bf
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5270892766898541225
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8413649442431883293
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8413649442431883293
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8413649442431883293
pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFRA07HNY8AACBCmR5eZw&expiration=1672297549
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFRA07HNY8AACBCmR5eZw&expiration=1672297549
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFRA07HNY8AACBCmR5eZw&expiration=1672297549
Date
Thu, 15 Dec 2022 07:05:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5rHTAAEFyeDrAAZ
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5rHTAAEFyeDrAAZ&_test=Y5rHTAAEFyeDrAAZ
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5rHTAAEFyeDrAAZ&_test=Y5rHTAAEFyeDrAAZ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11269-MEL
pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671087949.636280,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5rHTAAEFyeDrAAZ&_test=Y5rHTAAEFyeDrAAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAjUJPfMiPixS1JvglBy6sE&google_cver=1
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAjUJPfMiPixS1JvglBy6sE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2J6MuJasSeyCLJpkW6EKTWwAaAr7oHSRjNKfVtIZIaRy2E9nimlJzfkDrDuvRtZoddnS7PmziK5SBE%2F71y5tAhUOc9oj6EUYdcHqd13VG01dnXemmF2%2FiL4e%2BhCjP4OiySBJs48eOJuDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779d553c4c07eea2-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAjUJPfMiPixS1JvglBy6sE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=index_exchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5rHTMCo8YEAAHUVunAAAAAA
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5rHTMCo8YEAAHUVunAAAAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 15 Dec 2022 07:05:48 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=index_exchange","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.215","key":"Y5rHTMCo8YEAAHUVunAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad99"}
X-SO-Key
Y5rHTMCo8YEAAHUVunAAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad99
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5rHTMCo8YEAAHUVunAAAAAA
Cache-Control
private
X-SO-HostName
m-ad99.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
X-SO-IP
116.90.74.215
crum
dsum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9421639a-c74c-4700-b772-52fc4d520842
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9421639a-c74c-4700-b772-52fc4d520842
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 15 Dec 2022 07:05:48 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9421639a-c74c-4700-b772-52fc4d520842
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 07:05:47 GMT
crum
dsum.casalemedia.com/ Frame 1511
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e37f99dd-9bc0-d7f1-aac16695
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e37f99dd-9bc0-d7f1-aac16695
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEF00gJzqFny0FxIaphjj5zE938UYUFW0ej6jQUB9GI9BNUOiB4GdfaHjG6D83T%2BMBJ8hzJZ7RTHWM2c7IMZn4W%2FXVLVyLDSPQeskaPsCbw3C6cgOlyfs8rnrnrAI6%2Ffd%2FIz8ciK"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779d553fc8891c57-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 15 Dec 2022 07:05:48 GMT
via
1.1 google
server
nginx/1.23.3
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=e37f99dd-9bc0-d7f1-aac16695
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
ads.servenobid.com/ Frame 1511 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F638 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44189667&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5b271345de7e001a595a7bd7fb970e9ee51453a85be5831173a92ad8309c3c63

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 07:05:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 6C2F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:48 GMT
AN-X-Request-Uuid
0997b281-3bb7-446f-aa1b-47b62462c7e5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3F91 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4344244401077684513&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 3F91
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=998714e5-f0f8-42d3-8edb-f95d739208b3&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=998714e5-f0f8-42d3-8edb-f95d739208b3&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=998714e5-f0f8-42d3-8edb-f95d739208b3&gdpr=0
date
Thu, 15 Dec 2022 07:05:48 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 3F91
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=c11a46d7ea&gdpr=0&gdpr_consent=
43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=c11a46d7ea&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Thu, 15 Dec 2022 07:05:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=c11a46d7ea&gdpr=0&gdpr_consent=
Connection
keep-alive
X-XSS-Protection
1; mode=block
/
rtb-csync.smartadserver.com/redir/ Frame 3F91
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=L7zNnHq4wMU0uMLOe-nZzyu_l8g07ZHNL-rj8V4z
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=L7zNnHq4wMU0uMLOe-nZzyu_l8g07ZHNL-rj8V4z
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=L7zNnHq4wMU0uMLOe-nZzyu_l8g07ZHNL-rj8V4z
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3F91
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=5gd-jHQjkXfSoiU43sQlugPQg
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=5gd-jHQjkXfSoiU43sQlugPQg
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 07:05:49 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Thu, 15 Dec 2022 07:05:49 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=5gd-jHQjkXfSoiU43sQlugPQg
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame F388
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5270892766898541225
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5270892766898541225
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:48 GMT
AN-X-Request-Uuid
aee05d0c-8d48-4e55-814b-1d4b68038bd9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=5270892766898541225
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F388
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_677f496d-9d1e-4862-961b-79c94c41f6e6&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://usersync.gumgum.com/usersync?b=bsw&i=16b5ed26-3d7e-4882-8a30-b635311213ae
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=16b5ed26-3d7e-4882-8a30-b635311213ae
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=16b5ed26-3d7e-4882-8a30-b635311213ae
Date
Thu, 15 Dec 2022 07:05:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame F388
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2942ebde-35fb-4709-54cf-d45c4c9d2853$ip$116.90.74.215
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-2942ebde-35fb-4709-54cf-d45c4c9d2853$ip$116.90.74.215
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-2942ebde-35fb-4709-54cf-d45c4c9d2853$ip$116.90.74.215
Date
Thu, 15 Dec 2022 07:05:48 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame F388
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_677f496d-9d1e-4862-961b-79c94c41f6e6&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=ryewugNpV6EV6B29SIn5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TZMV3XKZ2OOBLDMRKWGZBDEOKTJFXDK...
0
0
RX-9f50dfd1-8b18-4598-8e28-40ac3863f558-004
sync.targeting.unrulymedia.com/csync/ Frame F388
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1671087948537
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1301396462
  • https://sync.1rx.io/usersync/tradedesk/09f3ca05-37ac-4c11-9d08-af20dbd13389
  • https://sync.targeting.unrulymedia.com/csync/RX-9f50dfd1-8b18-4598-8e28-40ac3863f558-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-9f50dfd1-8b18-4598-8e28-40ac3863f558-004
0
0
usersync
usersync.gumgum.com/ Frame F388
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=abFGvPwOVYEK&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=abFGvPwOVYEK&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=abFGvPwOVYEK&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-547db7d84-5zdxh
expires
-1
syncPartner
sync.outbrain.com/ Frame F388
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28C7ZcOmnHP4KQ6TGBe2UFKUcpVNLUc_HYGHGGjrbKiq8JHiPSMq6KIUDiv2sT6d28%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_677f496d-9d1e-4862-961b-79c94c41f6e6&obuid=ENC(C7ZcOmnHP4KQ6TGBe2UFKUcpVNLUc_HYGHGGjrbKiq8JHiPSMq6KIUDiv2sT6d28)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
0
0
usersync
usersync.gumgum.com/ Frame F388
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=100f95e9-ba8d-4bca-8aed-74035c173860
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=100f95e9-ba8d-4bca-8aed-74035c173860
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 07:05:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=100f95e9-ba8d-4bca-8aed-74035c173860
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F388
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Z3I43CZE2pdhPoukp00Uh1UcpZdp4VA9oi5r~A
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame F388 		0
0
services
sync.technoratimedia.com/ Frame F388 		0
0
142
match.deepintent.com/usersync/ Frame F388 		0
0
server_match
ad.360yield.com/ Frame F388 		0
0
sync
ssbsync.smartadserver.com/api/ Frame F388 		0
0
sync
ads.servenobid.com/ Frame F388 		0
0
0.gif
id5-sync.com/i/495/ Frame 6287
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCED 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58353
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 07:05:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 23:18:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame E95A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=09f3ca05-37ac-4c11-9d08-af20dbd13389
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=09f3ca05-37ac-4c11-9d08-af20dbd13389
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 07:05:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 15 Dec 2022 07:05:48 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=09f3ca05-37ac-4c11-9d08-af20dbd13389
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 0E3C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=03f6639a-c74b-4000-a2dc-fc0add57bdb0&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=03f6639a-c74b-4000-a2dc-fc0add57bdb0&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 07:05:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 15 Dec 2022 07:05:48 GMT
Expires
Thu, 15 Dec 2022 07:05:47 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x22 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=03f6639a-c74b-4000-a2dc-fc0add57bdb0&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 80E8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5rHTAAEJBDs3AAp
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5rHTAAEJBDs3AAp&gdpr=0&gdpr_consent=&_test=Y5rHTAAEJBDs3AAp
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y5rHTAAEJBDs3AAp&gdpr=0&gdpr_consent=&_test=Y5rHTAAEJBDs3AAp
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 07:05:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Dec 2022 07:05:49 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y5rHTAAEJBDs3AAp&gdpr=0&gdpr_consent=&_test=Y5rHTAAEJBDs3AAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11269-MEL
x-timer
S1671087949.118950,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame BCF0 		170 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82NzdmNDk2ZC05ZDFlLTQ4NjItOTYxYi03OWM5NGM0MWY2ZTY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 07:05:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame D362 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.231.199 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame B420
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5rHTMCo8YEAAHUVunAAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5rHTMCo8YEAAHUVunAAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 07:05:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 07:05:48 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5rHTMCo8YEAAHUVunAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad99.dc4p.scaleout.jp
X-SO-IP
116.90.74.215
X-SO-Key
Y5rHTMCo8YEAAHUVunAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.215","key":"Y5rHTMCo8YEAAHUVunAAAAAA","privacy_sensitive":false,"uid":"Y5rHTMCo8YEAAHUVunAAAAAA","upstream_id":"m-ad99"}
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
X-SO-UID
Y5rHTMCo8YEAAHUVunAAAAAA
X-SO-Upstream-ID
m-ad99
usersync
usersync.gumgum.com/ Frame 7D44
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5rHSe37pMogvKGDlAtQ5gAA%265028
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5rHSe37pMogvKGDlAtQ5gAA%265028
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 07:05:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779d553e0cf3eea2-AKL
content-length
0
date
Thu, 15 Dec 2022 07:05:48 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5rHSe37pMogvKGDlAtQ5gAA%265028
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWt7W2DdSMEywcMQ1kYlsQYD0GDnB6oV%2BqedE9JwvP%2FtYEDskrWagVwm2pCcm8LK5gHbbKYmZtcQwnXjSqDJhEZIWOZF9wFy%2FSLIkuOG4Y44h53Xmm6uhz0aA2dzk2klsIZFaCwhlImPJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame B91B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=e4GDW8XfKa3irtsQnN4c&pi=gumgum&tc=1
0
0
usync.html
eus.rubiconproject.com/ Frame E43C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 07:05:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 07:05:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame FF40 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=LhnRMiEaC_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 34BE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8d638e1958800f6491b47b547805d16cb0e6a60e9b93f9d36d0ae034e14003f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 00:33:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62841
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 00:33:09 GMT
usync.js
eus.rubiconproject.com/ Frame 61CD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8d638e1958800f6491b47b547805d16cb0e6a60e9b93f9d36d0ae034e14003f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 00:33:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62841
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 00:33:09 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 34BE 		0
0
cksync.php
contextual.media.net/ Frame 61CD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LBOQM4O6-Q-82ZG
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBOQM4O6-Q-82ZG
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBOQM4O6-Q-82ZG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 07:05:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 07:05:49 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBOQM4O6-Q-82ZG
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame B7DB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9421639a-c74c-4700-b772-52fc4d520842&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9421639a-c74c-4700-b772-52fc4d520842&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 15 Dec 2022 07:05:49 GMT
Expires
Thu, 15 Dec 2022 07:05:48 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x20 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9421639a-c74c-4700-b772-52fc4d520842&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame CC64
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rHTAAEFyeDrAAZ&gdpr=0&gdpr_consent=
1 B
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rHTAAEFyeDrAAZ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Dec 2022 07:05:48 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rHTAAEFyeDrAAZ&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11269-MEL
x-timer
S1671087949.978625,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame E2A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270892766898541225&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270892766898541225&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
e638b7be-e786-42a2-9491-d2f7861f624e
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 07:05:49 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270892766898541225&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame E045
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6zdm62d3vm
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6zdm62d3vm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 15 Dec 2022 07:05:49 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6zdm62d3vm
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
sync
ads.servenobid.com/ Frame 92AA 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.50.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-50-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 15 Dec 2022 07:05:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F638
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y4QH4ORlReqVY9_HwW3yqw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:49 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=58352
accept-ranges
bytes
content-length
5549
expires
Thu, 15 Dec 2022 23:18:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame F638
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=CB8407E0-E465-45EA-9563-DFC7C16DF2AB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=CB8407E0-E465-45EA-9563-DFC7C16DF2AB
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=94776736-53b6-4623-8637-dd760c1a6dd7%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=09f3ca05-37ac-4c11-9d08-af20dbd13389&ttd_puid=94776736-53b6-4623-8637-dd760c1a6dd7%2C
0
0
qmap
sync.crwdcntrl.net/ Frame F638
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.74.234.58 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.9.223
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:49 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.4.121
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame F638
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&sInitiator=external&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame F638
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0I4NDA3RTAtRTQ2NS00NUVBLTk1NjMtREZDN0MxNkRGMkFC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F638
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB16Qk3ozrpO6wQ3Vcus-fU&google_cver=1
42 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB16Qk3ozrpO6wQ3Vcus-fU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB16Qk3ozrpO6wQ3Vcus-fU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F638
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F74250931EFC458AA55A17FEA1FC362E
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F74250931EFC458AA55A17FEA1FC362E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 15 Dec 2022 07:05:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F74250931EFC458AA55A17FEA1FC362E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 07:05:49 GMT
CB8407E0-E465-45EA-9563-DFC7C16DF2AB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F638 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CB8407E0-E465-45EA-9563-DFC7C16DF2AB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.134.197 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-134-197.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:05:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame F638
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=09f3ca05-37ac-4c11-9d08-af20dbd13389&gdpr=0&gdpr_consent=
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=09f3ca05-37ac-4c11-9d08-af20dbd13389&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 07:05:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=09f3ca05-37ac-4c11-9d08-af20dbd13389&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame F638
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UkSZ6ltE2uWf6JKZiU90w4pRg0ElK88-~A&gdpr=0&gdpr_consent=
0
0
usync.js
eus.rubiconproject.com/ Frame E43C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-150-27.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8d638e1958800f6491b47b547805d16cb0e6a60e9b93f9d36d0ae034e14003f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 07:05:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 00:33:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62840
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 00:33:09 GMT
usersync
usersync.gumgum.com/ Frame E43C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBOQM4O6-Q-82ZG
  • https://usersync.gumgum.com/usersync?b=mag&i=LBOQM4O6-Q-82ZG
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LBOQM4O6-Q-82ZG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 07:05:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LBOQM4O6-Q-82ZG
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=9743&cid=440016029.1671087944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671087944&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&dt=%E6%96%B0%E6%B0%B4%E4%BA%95%E8%93%8B%E5%A5%BD%E3%80%80%E6%9D%91%E6%B0%91%E9%96%8B%E5%BF%83%E6%90%B6%E6%B4%97%E6%89%8B%EF%BC%81%E4%B8%8B%E7%A7%92%E3%80%8C%E5%99%B4%E5%87%BA%E4%B8%80%E6%A2%9D%E8%9B%87%E3%80%8D%E5%9A%87%E8%B7%91%E5%85%A8%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 07:05:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-1e3536eb-2823-4118-a15f-d15d85226c95-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e3536eb-2823-4118-a15f-d15d85226c95-004
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLQNRUTAQLGJYYGSVSDO5NEC3LSIJ4GQQRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTAOBXHE2DONBTGQZTCNBQHA4TKNBXG42DINJVGEYDAMBQKYYTAJTWONUWIPJTGE2DAOBZGU2DONZUGQ2TKMJQGAYDAVRRGA
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?type=mf&ovsid=76cf46f3-7cb4-467b-bb94-82a960eb77fa&cs=1
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=F0aJCRZHG-HW0w89T_e-Zzr8
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-1e3536eb-2823-4118-a15f-d15d85226c95-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e3536eb-2823-4118-a15f-d15d85226c95-004
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODAwOTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODAwOTYyARo4AQ==
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=wUTbNYku3_EFCkfQ-Exh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD252VKRRE4WLLOUZV6RKGINVWMUJNIV4GQ
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TZMV3XKZ2OOBLDMRKWGZBDEOKTJFXDKJTVONPXA4TJOZQWG6J5GEWS2LI
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-9f50dfd1-8b18-4598-8e28-40ac3863f558-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-9f50dfd1-8b18-4598-8e28-40ac3863f558-004
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Z3I43CZE2pdhPoukp00Uh1UcpZdp4VA9oi5r~A
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_677f496d-9d1e-4862-961b-79c94c41f6e6
Domain
id5-sync.com
URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rth&i=e4GDW8XfKa3irtsQnN4c&pi=gumgum&tc=1
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LBOQM4O6-Q-82ZG
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=09f3ca05-37ac-4c11-9d08-af20dbd13389&ttd_puid=94776736-53b6-4623-8637-dd760c1a6dd7%2C
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CB8407E0-E465-45EA-9563-DFC7C16DF2AB&sInitiator=external&gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UkSZ6ltE2uWf6JKZiU90w4pRg0ElK88-~A&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover object| ucf object| request string| paramsString function| setImmediate function| clearImmediate object| google_reactive_ads_global_state number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck object| google_ad_modifications number| google_global_correlator object| google_prev_clients string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo function| quantserve function| __qc object| ezt object| _qoptions boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

111 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQlv3ppNEwCgoIgQIQlv3ppNEwCgoI4gEQlv3ppNEwCgoI5gEQlv3ppNEwCgoIhwIQlv3ppNEwCgkICRCW_emk0TAKCQg6EJb96aTRMAoKCIwCEJb96aTRMAoJCF8Qlv3ppNEwCgkIHxCW_emk0TA=
.aralego.com/ Name: sspid
Value: be43096d-9c5a-3c99-8b14-f629d4de969a
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 02051de7-e616-4948-926a-2cbe08bb7fad
.doubleclick.net/ Name: IDE
Value: AHWqTUnMt6wlsTSGITOmr_CFsRMTa8iOSTM0NBLShjJ9qa9iPEo1q0YT7mX1y2f-_1g
.adpushup.com/ Name: ap_uid
Value: e211dd92-7c46-11ed-bde7-000d3a0902ad
.adpushup.com/ Name: ap_usid
Value: e211dd93-7c46-11ed-bde7-000d3a0902ad
.bg3.co/ Name: __gpi
Value: UID=00000b90faef6186:T=1671087940:RT=1671087940:S=ALNI_MZUDewIS3bjdqj-7PWqUP8QT32Xfg
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 349e0ec0-3b1f-4c6b-b740-ac06f0600adb
.openx.net/ Name: i
Value: 349e0ec0-3b1f-4c6b-b740-ac06f0600adb|1671087941
.omnitagjs.com/ Name: ayl_visitor
Value: 827ec16b36a497b8f8c7ec5e4a279ec5
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwxo7rnAY4AUABSAEQxo7rnAYYAA..
.adnxs.com/ Name: uuid2
Value: 5270892766898541225
.rubiconproject.com/ Name: khaos
Value: LBOQM4O6-Q-82ZG
.teads.tv/ Name: tt_viewer
Value: 5dae846c-c2a9-43f4-89eb-e8a45e585b73
.bg3.co/ Name: __gads
Value: ID=f7f3e862542827c2-22cf3f270fd9003e:T=1671087940:S=ALNI_MYxYdOFHAUvcUrEMmJAcxe3rDs8Cg
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1671087944.1.0.1671087944.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.440016029.1671087944
.quantserve.com/ Name: mc
Value: 639ac748-763bf-220c5-be06e
.bg3.co/ Name: __qca
Value: P0-274883148-1671087941809
.lkqd.net/ Name: lkqdidts
Value: 1671087945
.lkqd.net/ Name: sr59
Value: 1||1671087945
.lkqd.net/ Name: lkqdid
Value: UaaZFzeft54
.adsrvr.org/ Name: TDID
Value: 09f3ca05-37ac-4c11-9d08-af20dbd13389
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Orc<XN!]tbPl1M>e)ZlrFUfJ+tGXxoyIQE8F:sF#YTi.^?B$E.*^fNv7^NE<tk8tVn*bpRz*qF1`*b^!c)dQK.
.blismedia.com/ Name: b
Value: 639AC74966890280F9CA0834BLIS
.simpli.fi/ Name: suid
Value: F74250931EFC458AA55A17FEA1FC362E
.casalemedia.com/ Name: CMID
Value: Y5rHSe37pMogvKGDlAtQ5gAA
.casalemedia.com/ Name: CMPS
Value: 5028
.casalemedia.com/ Name: CMPRO
Value: 5028
.yandex.ru/ Name: yuidss
Value: 9499115821671087946
.yandex.ru/ Name: yandexuid
Value: 9499115821671087946
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2209f3ca05-37ac-4c11-9d08-af20dbd13389%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-15T07%3A05%3A46%22%7D
.openx.net/ Name: pd
Value: v2|1671087946|jElYiuvOiahI
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2942ebde-35fb-4709-54cf-d45c4c9d2853.l3KH5aQseBMIe2SMMholYeloNFZy%2FaFDx6WjFsLGhrg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKULr3jX7RwlUz9RcTJ0oU3RaStc.7a4noCAbFNO0yk0fvfaV8ax3rEh7oLAsiTUGR9GTDhU
.3lift.com/ Name: tluid
Value: 4036431430762615693562
.openx.net/ Name: univ_id
Value: 537072971|09f3ca05-37ac-4c11-9d08-af20dbd13389|1671087947217482
.media.net/ Name: visitor-id
Value: 3140895477445510000V10
.turn.com/ Name: uid
Value: 8413649442431883293
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjcxMDg3OTQ3fQ
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: 42a96ba1-afc8-46f4-91ab-d22c6a9b57ae
.prebid.a-mo.net/ Name: sd_amuid2
Value: 42a96ba1-afc8-46f4-91ab-d22c6a9b57ae
.media.net/ Name: data-o
Value: 2f1e5806-3998-497c-8ed9-1a8026a8abfa~~8
.media.net/ Name: data-a
Value: 5270892766898541225~~8
.media.net/ Name: data-g
Value: CAESELxTng2TQA5UZuaEZLqIZJk~~8
.bg3.co/ Name: cto_bundle
Value: -fec618xaFVJNldGVUdaSUw5ViUyQmEyZyUyQlhXWDJvN3kydFclMkZDQUk5WWFXcG1namVyU1NBSW9sMXQlMkI0b2NvJTJCR2EzRkloOXZnSGZNc1pnTTc2T3BWRDIlMkIlMkYwSXNHNnA1bHdHJTJGWXhZMGw2aHpiTklsNXMlM0Q
.bg3.co/ Name: cto_bidid
Value: kDnMU19oTHYlMkJnODV0azNmTm9DSEtxNjh4ZUh6TzRUUzFPaiUyQmxaTkxXT2RXdDBRdWMlMkZPWXJYV25ORThoZ2tTamRWSHdrU1ZqUE1DaWFmczcwTzUlMkZiejhwVDJ3JTNEJTNE
.linkedin.com/ Name: li_sugr
Value: 0dbfe93a-cd89-44ea-bb5e-e20c577a4c0f
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&cc764488-d252-456f-865b-1ff6a6573e6a"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2522:u=1:x=1:i=1671087947:t=1671174347:v=2:sig=AQGfduo7Tkq1zb__BNIzxLQwwJgMF1EX"
.socdm.com/ Name: SOC
Value: Y5rHTMCo8YEAAHUVunAAAAAA
.criteo.com/ Name: uid
Value: 1208dfd5-91c6-4226-be72-5c97859bc59f
.ads.pubmatic.com/ Name: KCCH
Value: YES
.ladsp.com/ Name: smn_uid
Value: dSQ_Og0TDZnn6JjQxWeGbg8x6KsuXZc
.ladsp.com/ Name: lum
Value: CI2C6qTRMBIFCAMQ0AU
.servenobid.com/ Name: pid_312
Value: 5270892766898541225
.smartadserver.com/ Name: pid
Value: 4344244401077684513
.yahoo.com/ Name: A3
Value: d=AQABBEzHmmMCEDZjgOHq3dq6NyAh1cblzNIFEgEBAQEYnGOkYwAAAAAA_eMAAA&S=AQAAAm1OwspbE-XOcxVvJAnf_Eo
.gumgum.com/ Name: vst
Value: a_677f496d-9d1e-4862-961b-79c94c41f6e6
.bidswitch.net/ Name: tuuid
Value: 16b5ed26-3d7e-4882-8a30-b635311213ae
.bidswitch.net/ Name: c
Value: 1671087948
.bidswitch.net/ Name: tuuid_lu
Value: 1671087948
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.w55c.net/ Name: wfivefivec
Value: kg3eoGgb1P5Ijq5
.dyntrk.com/ Name: dyn_u
Value: 07030002_639ac74c4c9d8
.mathtag.com/ Name: uuid
Value: 9421639a-c74c-4700-b772-52fc4d520842
.media.net/ Name: data-c
Value: 1208dfd5-91c6-4226-be72-5c97859bc59f~~1
.media.net/ Name: data-c-ts
Value: 1671087948
.media.net/ Name: data-mm
Value: 03f6639a-c74b-4000-a2dc-fc0add57bdb0~~8
.brand-display.com/ Name: _knxq_
Value: e37f99dd-9bc0-d7f1-aac16695.1671087948.0.1671087948.1671087948
.media.net/ Name: data-ttd
Value: 09f3ca05-37ac-4c11-9d08-af20dbd13389~~1
.bing.com/ Name: MUID
Value: 03A59CF19E626E6E3DAE8E8A9FF26F17
.c.bing.com/ Name: MR
Value: 0
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.minutemedia-prebid.com/ Name: wrvUserID
Value: LhnRMiEaC_mm
.quantserve.com/ Name: d
Value: ECABDQHoJ4ir0QA
.lijit.com/ Name: ljt_reader
Value: F0aJCLZH-po76GTGQNqZ81k4
.w55c.net/ Name: matchmedianet
Value: 5
.amazon-adsystem.com/ Name: ad-id
Value: A-5B9SCClUhvjig_jPDHXGo
.servenobid.com/ Name: pid_317
Value: 4344244401077684513
.servenobid.com/ Name: pid_333
Value: Y5rHSe37pMogvKGDlAtQ5gAAE6QAAAAB
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CB8407E0-E465-45EA-9563-DFC7C16DF2AB
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1671667200%3A248%7C1672272000%3A201_245_226
.pubmatic.com/ Name: SyncRTB3
Value: 1672272000%3A220_21_22_13_71_7_54_3_247%7C1671667200%3A223
.media.net/ Name: data-xu
Value: kg3eoGgb1P5Ijq5~~8
.servenobid.com/ Name: pid_348
Value: LhnRMiEaC_mm
.servenobid.com/ Name: pid_337
Value: y-QMkYOXxE2uHiEchDfa0FGqC.bYbDjoX7uzlspGU-~A
.sharethrough.com/ Name: stx_user_id
Value: 998714e5-f0f8-42d3-8edb-f95d739208b3
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5rHTAAEJBDs3AAp
.adsymptotic.com/ Name: U
Value: b33593b8ce70013f833c97db8ce3a887
.zemanta.com/ Name: zuid
Value: wUTbNYku3_EFCkfQ-Exh
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKho/650KHDwHXrd8oPN4aC2NpQrCZvWR1ydHQbmkOCQCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.trafficroots.com/ Name: PARTNER_ID_3379
Value: c11a46d7ea
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIqPmLoZqdrzsQBRIWCgdydWJpY29uEgsIwIysppqdrzsQBRIWCgdzdng5dDUwEgsI_JOAsZqdrzsQBRIVCgZjYXNhbGUSCwiiuaaymp2vOxAFGAEgASgCMgsI9tzU67CdrzsQBTgBWgthZGNvbmR1Y3RvcmAC
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9f50dfd1-8b18-4598-8e28-40ac3863f558-004%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~28uv:198o~28uv"
.bidr.io/ Name: bito
Value: AAFRA07HNY8AACBCmR5eZw
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMTS
Value: 5317
.contextweb.com/ Name: V
Value: abFGvPwOVYEK
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hsq|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c0502111460bc879
.smartadserver.com/ Name: csync
Value: 80:L7zNnHq4wMU0uMLOe-nZzyu_l8g07ZHNL-rj8V4z

21 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202202/e1a2805e030d56c3dfa356a19769fed8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/afa7d3d450f232efef17a8010450e0a8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/445eff1b88213580f57fdf404cc618d9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/25e3141859c0d5c008a7b8f67bea6810.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/ffdbf3e553b6a7f2ebe1d29141dc98b4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202011/0c36e488d675c136ea5fd747b5760c52.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/5d990c57d3e8571fe432aa107acc13a2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/a67d5120dc44a3e4365942b2d2d2755e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/1bdaacfc48bef481f4ab72f3379a7df9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/f8b99614ab8189a02d067dabacfd2744.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/bb99f879dccceb74b815d4fd26be55b8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/31caa9a3c7fc3a2174c4ad8b52dc2601.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/95306ac7db35b3941a15f4a0ad3ea7de.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/39d7ed36ff52c3a0853e44eee0b81fc4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/f66fb41b69cad1ccc6a9cab38dab0679.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/5f6ea329e86d314528c36ca639aabf83.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/c3766284974a808111ef39d43cf0c01a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/b4c39c496f33f36647edf8dff2c07322.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202110/ed04fc9c7660ee5c6d0894f107843ba4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1671087938&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-shui-jing-gai-hao-cun-min-kai-xin-qiang-xi-shou-xia-miao-pen-chu-yi-tiao-she-xia-pao-quan-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671087937255&bpp=12&bdt=1705&idt=1660&shv=r20221207&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3540867247119&frm=23&ife=1&pv=1&ga_vid=1108930574.1671087939&ga_sid=1671087939&ga_hid=1582315434&ga_fc=0&ga_cid=amp-dut39T24kJJhm5qFygioQg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1342&biw=1600&bih=1200&isw=336&ish=280&ifk=512434718&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779076%2C44780792&oid=2&pvsid=2842437599832549&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aimvy85eihzx&btvi=1&fsb=1&dtd=1677
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EveGluLXNodWktamluZy1nYWktaGFvLWN1bi1taW4ta2FpLXhpbi1xaWFuZy14aS1zaG91LXhpYS1taWFvLXBlbi1jaHUteWktdGlhby1zaGUteGlhLXBhby1xdWFuLWNoYW5nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7fbdb4d4264bac45bf3746c8ee7ef65d.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.co.nz
adservice.google.com
an.yandex.ru
ap.lijit.com
b1sync.zemanta.com
beacon-sin1.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
c8e67fa21fc86956c5c5564acead229c.safeframe.googlesyndication.com
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
cs-rtb.minutemedia-prebid.com
cs.emxdgt.com
cs.iqzone.com
cs.lkqd.net
cs.media.net
csm.as.criteo.net
d-36560746754094502396.ampproject.net
delivery.adrecover.com
demand.trafficroots.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
e8625a77c4ea8936e6ed44868ba5229b.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.360yield.com
ads.servenobid.com
b1sync.zemanta.com
c1.adform.net
contextual.media.net
cs.iqzone.com
id5-sync.com
image4.pubmatic.com
match.deepintent.com
pixel-us-east.rubiconproject.com
pixel.tapad.com
ssbsync.smartadserver.com
stags.bluekai.com
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
uipglob.semasio.net
usersync.gumgum.com
103.229.10.247
103.229.205.243
103.231.98.194
103.231.98.196
103.231.98.197
104.16.88.20
104.17.25.14
104.18.101.194
104.18.33.19
104.18.36.94
104.254.151.36
104.254.151.68
104.26.3.91
104.26.5.103
124.146.215.43
13.107.42.14
13.213.230.90
13.226.228.27
13.230.79.199
13.33.33.118
13.33.88.40
13.33.88.71
13.76.45.37
139.5.84.243
142.250.4.105
142.250.4.132
142.250.4.94
142.251.10.132
142.251.10.154
142.251.12.149
142.251.12.97
145.40.88.5
146.20.132.134
15.197.193.217
151.101.1.108
151.101.66.49
152.199.39.108
162.254.186.187
172.253.118.113
172.253.118.155
172.64.154.237
18.138.18.111
18.139.240.219
18.141.134.197
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
198.8.71.131
2.20.137.181
204.79.197.200
209.191.163.208
209.54.182.161
213.180.193.90
23.106.127.39
23.106.69.72
23.195.152.23
23.195.153.54
23.66.150.27
23.72.44.196
3.233.146.116
34.107.148.139
34.111.151.213
34.239.231.199
34.96.105.8
34.98.64.218
35.213.117.18
35.213.12.39
35.230.38.116
35.71.178.8
42.99.140.161
42.99.140.201
50.116.239.135
51.79.234.100
52.0.191.77
52.34.94.5
52.74.13.196
52.74.234.58
54.169.105.18
54.199.70.238
54.237.254.37
54.238.120.71
54.65.93.189
54.78.50.52
64.120.88.131
67.220.226.234
69.16.175.10
69.173.158.64
69.173.158.65
69.173.158.67
74.125.200.154
74.125.24.155
74.125.24.157
74.125.68.155
74.214.196.131
84.17.37.44
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0059f63e482d884c063d4526eec22f6d5875b3a9fe1ee24f2ed85fbce43c6a11
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02dc8b9c8fa11a01180574461d14510ee1870b2983b354d54fedf7b9679fb37d
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
071cb5a96691bda17c415ff896fc543fe3af1954fcfd5638166cb85b047be667
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b27a4423817ceba69a07c53858a4df50737051508e2bf67533c8c90d233c14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0decbe3c52c59f8377f5600fe3046fd57124bd45c214bde7568bb420cdc63d64
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
153e9adeec20ccee087424c17425569b7083641550e17852973c897482f3d0df
1783aa2e209188503fb051140d62a985b4d2dd0d469ee5690a24d556219ab342
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19d1bd2b2b02631268c99cbd4a2d88b1701412975e39efd11e231287ba7580a5
1b4d50440744de3e1589cc29cf8262457a06f0fae03e63358b159b483f09882d
1ba96ff1afca18a82c53b140d261809d03fcee20269cb4dd8df64f6fece57829
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c071e67496668ddb65b463678c6055212671e15f7d2599b54e64dfe3cd094e7
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d549040ec3ae9d0c519f2057c434108ad2cb14f26309351f259a1f9b9f6b26b
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1d9c8ceb7cf286270006dd4f86dbfd576f1a09be3b4bed57903bfba8516c99a0
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1f007391497b9a19315d4e2f1a5a039e7a1762b23a820fd11275cb0fe2cabcf8
1f08e05453aad99f022d7d6ac6fb7c01474f4256e0095d26ff9deee09016eb53
1f6ef0d6cf65bee68e3f61dc43db7dec2dea3eaffe3d6aaeabf20e3bfd254d2d
21295c187205746a49fa6654b6bff00a75127e2c58d51a5432802c03ec09632b
231f98e164a2342c578cf558fd6bb254b5a93af953e3f135ba897318201f75e7
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
269c201a2ca7bb172d46979b155719e93a3697773962d72645d5e672a8054025
29cf25c600fbcb19402374249a002f7885df857c2ecf166e23e7a3ecc59d0239
2cd2c966af6338b7a5958ecbe2fc7a5d999b0017e5c43246c6b5c841f87c17e5
2db5070733ba10572e20197ab5a6a87432d6547bd1d741f7e43c7f56f0eb0510
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4ef2154885aa4d976136059a91be88614d6e94ed6de5b3b702d7a7542c383
34522c07f6e4a7d1bb4bc8a794eda9bd9721835d0774d8d6b4e4de6accfac35d
35ac2a0935e5d4d935413b4bb63b4e633cf0da7c7d0b418bab2381ba4aac0f23
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3793c9de7db1ba169ff848eb12403215f9c4b220c85daf6500ed84dd46552a74
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
38699d129a523f13737145cdae16928a789fbc5a3398c6107f133f133a39d080
3b6a01781b0cdb0f91d44ee98ce8042a006c72ddf6d60b303523e42120f38d63
3b9e21d8c284c548afd1d8404af13b2f3276a9b03bfc3a3242dbb05ceffd90c6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43ede94b0cc7dd8b2e3a22b8171332baaa72d694d355ccaa506103338b7d3c15
43fa3a368fc1e4502a3f55189b782dd4fdd634dc2b93dd6f4a3dc52469b7ff4d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46eaca8feeaefa95329b8fa1ad2f534bab954d61d9fd2b2eca99862694c730d4
47327ec37b83ac7e0ca8d6a6d05d6e9c88f9672f5c890d89de0962bea8c7a510
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
4cbb517783e3b77317d8c554c0f68b8814105ded61040cd20f9e1d644c096ef5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525863d5d48fec12eea4a44e6fefe2931e2d1bb9e1e9aa8526cfe49a592cf922
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
57159be1144d675dc3817976688f9ec9350bea6a2ec7d1a401f9237ed6edf2ba
573d0497c2358cbaff9fb48cd350fbeb7762aa24b68cc409904a80898201c000
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5a98a4cfb75f3530c2a07e050595b7e2727f6617a50e2c01b1302ae11d76b779
5b271345de7e001a595a7bd7fb970e9ee51453a85be5831173a92ad8309c3c63
5c9e4122d3f8ea671bd06eb8426c382d8decb026b2e04993e4b9b074d26e48c2
5cd37127a04ecd97976c529a8cabada2f31cabffd6f50099bffafaac4bbb658c
5ec9862ecfa60efd569fefc3ebd5184f04237a16b6f58a550845d205ade6cf58
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6733b1441eb85963cd51a9e4103926439a608097504a3689abea559aa2c2dd0d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dfd7ef537b825d757d86530e0786916f658ee8a968e020ff4c9fcaebd2fb09d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
76ffec36e87452399c967970e7af8a437fe4056fb443fab10e30e8255164ee78
7704062461a908331af9be8ec71a91d706bc62fcadff90dd56e22043d97bd462
7f119542d87eddbacd5dc8650fdc89f2be1ca9d0456964151fed32065365af8d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
853174d0d65a0974fbde48e2d9268a6e782098adafe744a333c139939be0bc8d
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8745647fcf1421dd506a0ad7dde7e4087cb6dccc376bb2fa143b6443b9bc8050
87ae2390cfc4331dcc75f06173f9c60048958ca01ee9dc957e9e345afe68c453
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f53569f908406da985db7df02c2c867f4f889e604f51a30feff3bb10772dfe9
909021a78ca89b176ebabe2daee2adee0f30be3783588d557d73f3929553c108
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93d01883160afa0bed0140cda1e1f9d8f910e16f198dcbec38db77aa9fcdce66
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
94c0dd209935da5662bb23b56f687a3fc0d85381af0cc81f1db49dbd522a12f4
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
974dcc9c382845db5c514138a2fa984e09c176dbb4476cbef327e0e1ba70c089
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af3d472fc1716b3e930db4ad30473f50ba42010b5112c6ab4b18b2d80bc6a7f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
ae4cefca3a44474a949f576ce5c1fae56d2eca68a81832d109e7767966741c0e
b05dba8674db4023a807a4e7f26b326fb72b5bdc22e265f6ea4451a3046be4a7
b0e00b433995ed64a31fbe0335f9ea4fba37397cb7275ac40a53cd45257b33a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b83cdc89c65c4342dbedf241ffa6cd41c6eb2fead2c6a8f829347f5ff4c337e9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be83e12de4deb4d21fa921a33a9c667e5613ec7f3d3da89d3fe8219dff882bd2
bef2282faf902fe1b1acec1b0d8c906bf1a2e995afce857e54beb33b223efabc
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d5433298df9a32c8a53ddba38c14ad17bfbfa86f28d4619fe8f092bf4f62d0
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c58827b4b43db6113ff3338f984ab503a38986dee877b602eef2a0b8db3c833d
c7895d26ab30432ecb4b7ee8e3d6bf402effd42bab480e6f77c1d185cd5f8dd5
c8d638e1958800f6491b47b547805d16cb0e6a60e9b93f9d36d0ae034e14003f
ce4d1bde257a6dd888670961d004874d5c2d4f3e757a2116e93d4802e23e9673
ce845b349e01dbaa6806c6ffbf68d48779f5e836a3b5a2d37b0c8b466b07ca33
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3392ce539ddbd8855a6a7838153f3aeac1782965e0dc1d53da47fda0e208943
da8e2d4ee9ba1969dba02333e32a576fa126bb12a5cec33c2139e16365faa2f7
dd131543219076fa8cf62d18b67065128f8200183b9de26d0c86bc12062186f8
dd8dbb82743f1ad694291a4763553dc42941d0655d9a1a2ff99499399ad0b5a2
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e23d184520a589a87478d44306b707140daf0f291fa319c33ec5f890681c400d
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42941c47643954400f6ba5f286c556dd40ef0b8a565c276da4211d0b3d35578
e5c5e32b0287f6596395e62be73ab90f1b7624ab573cd5a5f6a6f9f9686d8b99
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e91aacfcb77dae3817ed99a51debfd864510bc21dda1fb8b17bb862f34a4764a
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd1d45be46a160c5f513d5a3b72a5c18b113e59ab1a9b186718998a0c306794
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff9144c3da5d52934c82d7a49997bf685724e98998365d1487de537d0291847b