urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-t...
Submission: On November 10 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 114 IPs in 11 countries across 104 domains to perform 561 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 99821.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 142.251.12.132 15169 (GOOGLE)
1 3 209.58.188.181 133752 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 23.52.171.120 20940 (AKAMAI-ASN1)
5 72.247.81.178 20940 (AKAMAI-ASN1)
24 104.26.3.91 13335 (CLOUDFLAR...)
6 172.217.194.156 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
3 64.120.88.131 133752 (LEASEWEB-...)
22 13.33.33.118 16509 (AMAZON-02)
52 172.217.194.154 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
2 142.251.12.97 15169 (GOOGLE)
8 142.251.12.155 15169 (GOOGLE)
1 142.251.10.94 15169 (GOOGLE)
2 34.95.67.231 396982 (GOOGLE-CL...)
16 203.75.214.136 3462 (HINET Dat...)
2 4 35.201.76.93 15169 (GOOGLE)
2 13.35.8.124 16509 (AMAZON-02)
3 142.251.10.101 15169 (GOOGLE)
2 5 103.229.10.247 16509 (AMAZON-02)
2 12 142.250.4.155 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
2 12 35.244.159.8 15169 (GOOGLE)
5 11 104.18.19.126 13335 (CLOUDFLAR...)
1 23.207.181.47 16625 (AKAMAI-AS)
6 9 104.254.151.68 29990 (ASN-APPNEX)
5 24 51.79.234.100 16276 (OVH)
1 35.213.117.18 15169 (GOOGLE)
13 34.246.45.103 16509 (AMAZON-02)
9 182.161.73.145 55569 (CRITEO-AS...)
1 3.1.173.93 16509 (AMAZON-02)
3 3.113.206.37 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 52.38.91.115 16509 (AMAZON-02)
4 5 145.40.89.200 54825 (PACKET)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 52.196.174.187 16509 (AMAZON-02)
25 182.161.73.129 55569 (CRITEO-AS...)
2 103.132.192.30 138552 (RTBHOUSE-...)
10 20 34.96.119.68 396982 (GOOGLE-CL...)
12 13 139.162.58.205 63949 (LINODE-AP...)
4 210.59.219.181 3462 (HINET Dat...)
1 65.9.164.73 16509 (AMAZON-02)
3 182.161.73.148 55569 (CRITEO-AS...)
31 142.250.4.132 15169 (GOOGLE)
3 182.161.74.19 55569 (CRITEO-AS...)
4 172.217.194.132 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
3 182.161.73.132 55569 (CRITEO-AS...)
5 182.161.73.142 55569 (CRITEO-AS...)
1 74.125.24.95 15169 (GOOGLE)
10 142.251.12.147 15169 (GOOGLE)
3 20.212.157.225 8075 (MICROSOFT...)
1 23.108.98.205 59253 (LEASEWEB-...)
1 103.254.153.194 59253 (LEASEWEB-...)
25 50 142.251.10.156 15169 (GOOGLE)
2 23.52.171.88 20940 (AKAMAI-ASN1)
7 104.65.229.158 16625 (AKAMAI-AS)
2 142.251.10.155 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
3 3 151.101.194.49 54113 (FASTLY)
2 3 103.231.98.196 62713 (AS-PUBMATIC)
2 2 18.176.202.191 16509 (AMAZON-02)
1 35.213.109.249 15169 (GOOGLE)
2 3 213.180.193.90 208722 (GLOBAL_DC)
1 1 35.208.249.213 19527 (GOOGLE-2)
6 6 64.202.112.63 23352 (SERVERCEN...)
2 2 52.73.135.52 14618 (AMAZON-AES)
1 1 13.251.2.7 16509 (AMAZON-02)
1 1 35.79.10.95 16509 (AMAZON-02)
2 34.149.43.113 15169 (GOOGLE)
10 182.161.73.135 55569 (CRITEO-AS...)
3 182.161.73.136 55569 (CRITEO-AS...)
15 16 3.33.220.150 16509 (AMAZON-02)
11 23.207.180.23 16625 (AKAMAI-AS)
1 52.84.45.81 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
3 11 184.31.5.52 16625 (AKAMAI-AS)
1 104.18.12.76 13335 (CLOUDFLAR...)
3 9 35.71.178.8 16509 (AMAZON-02)
1 18.155.68.107 16509 (AMAZON-02)
4 72.247.127.219 20940 (AKAMAI-ASN1)
1 18.136.127.148 16509 (AMAZON-02)
2 2 50.116.239.135 6336 (TURN-US-ASN)
3 3 202.241.208.52 4694 (IDCF IDC ...)
2 2 13.33.88.20 16509 (AMAZON-02)
7 7 103.229.205.242 30419 (MEDIAMATH...)
1 2 69.173.144.139 26667 (RUBICONPR...)
8 13 69.173.158.64 26667 (RUBICONPR...)
1 2 23.106.127.164 59253 (LEASEWEB-...)
3 5 35.190.60.146 15169 (GOOGLE)
5 11 52.46.128.147 16509 (AMAZON-02)
11 13 103.231.98.197 62713 (AS-PUBMATIC)
5 6 52.74.13.196 16509 (AMAZON-02)
5 6 35.213.12.39 15169 (GOOGLE)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 13.33.88.84 16509 (AMAZON-02)
1 2 52.220.251.156 16509 (AMAZON-02)
2 2 104.254.148.252 29990 (ASN-APPNEX)
2 2 198.8.71.130 54312 (ROCKETFUEL)
4 23.207.180.199 16625 (AKAMAI-AS)
12 12 74.118.186.44 26120 (RHYTHMONE)
2 23.213.140.31 16625 (AKAMAI-AS)
2 2 54.179.133.159 16509 (AMAZON-02)
1 182.161.73.146 55569 (CRITEO-AS...)
2 2 23.207.181.216 16625 (AKAMAI-AS)
2 2 3.126.154.37 16509 (AMAZON-02)
2 3.228.33.18 14618 (AMAZON-AES)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.98.194 13335 (CLOUDFLAR...)
3 4 18.139.170.135 16509 (AMAZON-02)
1 204.79.197.200 8068 (MICROSOFT...)
2 3 67.220.226.232 ()
1 18.182.216.82 16509 (AMAZON-02)
1 2 23.106.127.39 59253 (LEASEWEB-...)
2 2 209.191.163.210 14744 (INTERNAP-...)
2 2 209.191.163.209 14744 (INTERNAP-...)
2 2 3.210.61.234 14618 (AMAZON-AES)
1 37.157.4.28 ()
2 11 139.5.84.243 27381 (CASALE-MEDIA)
1 2 18.136.88.127 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 35.72.192.39 16509 (AMAZON-02)
1 3.1.99.79 16509 (AMAZON-02)
1 104.18.13.76 13335 (CLOUDFLAR...)
10 15 103.231.98.194 ()
2 2 35.213.93.179 ()
3 4 185.84.60.30 ()
1 1 18.138.18.111 16509 (AMAZON-02)
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
2 67.199.150.85 ()
2 34.126.167.117 ()
1 1 51.68.39.188 ()
1 4 23.106.127.53 ()
1 1 185.183.112.155 ()
17 13.112.54.241 ()
1 2 47.252.78.131 ()
1 1 74.214.196.131 ()
1 1 34.199.177.9 ()
1 129.158.42.199 ()
1 169.197.150.7 ()
2 2 52.74.177.209 ()
2 2 185.184.8.90 ()
1 1 8.43.72.98 ()
561 114
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
4d90290c27e89bcfa83106bb27daa176.safeframe.usercontent.goog
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.52.171.120 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-171-120.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    72.247.81.178 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-81-178.deploy.static.akamaitechnologies.com
cdn.adpushup.com
24    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
6    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adservice.google.co.nz
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
22    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
cdn.holmesmind.com
adx.holmesmind.com
52    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
pagead2.googlesyndication.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
8    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
adservice.google.com
1    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
d-35465494912996878335.ampproject.net
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
16    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
6fb072e4-4c1e-431c-a844-c55c93891445.t.ssp.hinet.net
4    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    13.35.8.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-124.sin5.r.cloudfront.net
adcdn.holmesmind.com
3    142.251.10.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f101.1e100.net
www.google-analytics.com
5    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
12    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
1    104.16.87.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
11    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
1    23.207.181.47 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-47.deploy.static.akamaitechnologies.com
a.teads.tv
9    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
24    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
13    34.246.45.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
ads.servenobid.com
9    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    3.1.173.93 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-173-93.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    3.113.206.37 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-206-37.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.38.91.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-91-115.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
5    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    52.196.174.187 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
25    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
20    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
13    139.162.58.205 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1471-205.members.linode.com
gocm.c.appier.net
a.c.appier.net
s.c.appier.net
4    210.59.219.181 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
1    65.9.164.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-164-73.bkk50.r.cloudfront.net
rules.quantcount.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
31    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
4    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
6cf59245a9f875c35fded5efdce5f28a.safeframe.googlesyndication.com
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
5    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
10    142.251.12.147 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f147.1e100.net
www.google.com
3    20.212.157.225 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bi.adpushup.com
1    23.108.98.205 (Atlanta, United States)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
theta219.rtb.appier.net
1    103.254.153.194 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
vst.c.appier.net
50    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
cm.g.doubleclick.net
2    23.52.171.88 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-171-88.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
7    104.65.229.158 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-229-158.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
partner.googleadservices.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    18.176.202.191 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-202-191.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
3    213.180.193.90 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
PTR: bs.yandex.ru
an.yandex.ru
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
6    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    52.73.135.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-135-52.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    13.251.2.7 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-2-7.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    35.79.10.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-10-95.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ae1.doubleverify.com
10    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
16    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
11    23.207.180.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    52.84.45.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-81.mrs52.r.cloudfront.net
public.servenobid.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
11    184.31.5.52 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-52.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    18.155.68.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-107.sin52.r.cloudfront.net
cdn.besafe.global
4    72.247.127.219 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-127-219.deploy.static.akamaitechnologies.com
ad.appier.net
1    18.136.127.148 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-127-148.ap-southeast-1.compute.amazonaws.com
geo.moatads.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    202.241.208.52 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p3.ladsp.com
7    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
13    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    23.106.127.164 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
11    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
13    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
6    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    13.33.88.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-84.sin2.r.cloudfront.net
s.ad.smaato.net
2    52.220.251.156 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-251-156.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
2    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.207.180.199 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
12    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    23.213.140.31 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-140-31.deploy.static.akamaitechnologies.com
cs.media.net
2    54.179.133.159 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-133-159.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    23.207.181.216 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-216.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    3.126.154.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-154-37.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    3.228.33.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-33-18.compute-1.amazonaws.com
cs.emxdgt.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.98.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
4    18.139.170.135 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-170-135.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
3    67.220.226.232 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    18.182.216.82 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-216-82.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
2    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
2    209.191.163.209 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
2    3.210.61.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-61-234.compute-1.amazonaws.com
ssp.disqus.com
1    37.157.4.28 (None, )

ASN- ()
cm.adform.net
11    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    18.136.88.127 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-88-127.ap-southeast-1.compute.amazonaws.com
dpm.demdex.net
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    35.72.192.39 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-192-39.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    3.1.99.79 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-99-79.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
15    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
2    35.213.93.179 (None, )

ASN- ()
a.sportradarserving.com
4    185.84.60.30 (None, )

ASN- ()
c1.adform.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
2    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
2    34.126.167.117 (None, )

ASN- ()
um.simpli.fi
1    51.68.39.188 (None, )

ASN- ()
dsp.nrich.ai
4    23.106.127.53 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    185.183.112.155 (None, )

ASN- ()
sync.adotmob.com
17    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
2    47.252.78.131 (None, )

ASN- ()
event.clientgear.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    34.199.177.9 (None, )

ASN- ()
sync.ipredictive.com
1    129.158.42.199 (None, )

ASN- ()
sync.technoratimedia.com
1    169.197.150.7 (None, )

ASN- ()
match.deepintent.com
2    52.74.177.209 (None, )

ASN- ()
ad.360yield.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
72 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
532 KB
72 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
6cf59245a9f875c35fded5efdce5f28a.safeframe.googlesyndication.com
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
957 KB
40 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
csm.as.criteo.net — Cisco Umbrella Rank: 15767
pix.as.criteo.net — Cisco Umbrella Rank: 15906
708 KB
39 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 44139
gocm.c.appier.net — Cisco Umbrella Rank: 1971
theta219.rtb.appier.net
vst.c.appier.net — Cisco Umbrella Rank: 12878
a.c.appier.net — Cisco Umbrella Rank: 13802
s.c.appier.net — Cisco Umbrella Rank: 4628
ad.appier.net — Cisco Umbrella Rank: 7077
11 KB
37 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 662
image8.pubmatic.com — Cisco Umbrella Rank: 561
ads.pubmatic.com — Cisco Umbrella Rank: 458
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
43 KB
32 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 147046
fcm.holmesmind.com — Cisco Umbrella Rank: 161307
c.holmesmind.com — Cisco Umbrella Rank: 106536
adcdn.holmesmind.com — Cisco Umbrella Rank: 144780
ad.holmesmind.com — Cisco Umbrella Rank: 95735
fp.holmesmind.com Failed
adx.holmesmind.com — Cisco Umbrella Rank: 511646
113 KB
31 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2024
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel-us-east.rubiconproject.com
54 KB
25 bg3.co
www.bg3.co — Cisco Umbrella Rank: 99821
static.bg3.co
17 KB
24 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
12 KB
22 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
ads.as.criteo.com — Cisco Umbrella Rank: 15481
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20361
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 16096
gum.criteo.com — Cisco Umbrella Rank: 390
dis.criteo.com — Cisco Umbrella Rank: 631
96 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
ssum.casalemedia.com — Cisco Umbrella Rank: 1273
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
18 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1324
usersync.gumgum.com
6 KB
18 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
5 KB
17 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15170
e3.adpushup.com — Cisco Umbrella Rank: 16671
campaign.adpushup.com — Cisco Umbrella Rank: 29370
aplogger.adpushup.com — Cisco Umbrella Rank: 16187
bi.adpushup.com — Cisco Umbrella Rank: 17664
313 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
8 KB
16 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84382
6fb072e4-4c1e-431c-a844-c55c93891445.t.ssp.hinet.net
13 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
326 KB
14 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com
9 KB
14 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net — Cisco Umbrella Rank: 535
cs.media.net — Cisco Umbrella Rank: 1349
18 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
9 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 426
29 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13712
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
jp-u.openx.net — Cisco Umbrella Rank: 10594
7 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
4 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
5 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
6 KB
8 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1720
ssbsync.smartadserver.com — Cisco Umbrella Rank: 807
rtb-csync.smartadserver.com
3 KB
8 moatads.com
z.moatads.com — Cisco Umbrella Rank: 406
geo.moatads.com — Cisco Umbrella Rank: 657
px.moatads.com — Cisco Umbrella Rank: 473
111 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
4 KB
7 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 150757
2 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281
3 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 531
4 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
sync.aralego.com — Cisco Umbrella Rank: 2762
3 KB
5 adform.net
cm.adform.net
c1.adform.net
2 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 540
idsync.rlcdn.com — Cisco Umbrella Rank: 321
926 B
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
pixel.quantserve.com — Cisco Umbrella Rank: 664
cms.quantserve.com — Cisco Umbrella Rank: 615
11 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 862
ap.lijit.com — Cisco Umbrella Rank: 599
2 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 448
rtb0.doubleverify.com — Cisco Umbrella Rank: 649
rtbc-ae1.doubleverify.com — Cisco Umbrella Rank: 23209
22 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
189 KB
4 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 73497
242 B
4 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18067
creativecdn.com
1 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9020
46 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
1 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
3 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3438
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
891 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
519 B
2 360yield.com
ad.360yield.com
624 B
2 clientgear.com
event.clientgear.com
419 B
2 simpli.fi
um.simpli.fi
1021 B
2 pippio.com
pippio.com
716 B
2 sportradarserving.com
a.sportradarserving.com
964 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 465
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
2 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1589
874 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
477 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 942
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 480
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 695
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 498
680 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25501
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
866 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
1005 B
2 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 16779
1 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
904 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16217
10 KB
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 contextweb.com
bh.contextweb.com
664 B
1 adotmob.com
sync.adotmob.com
712 B
1 nrich.ai
dsp.nrich.ai
531 B
1 linksynergy.com
tags.rd.linksynergy.com
391 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 25038
652 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1431
181 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2180
419 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
668 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 661
720 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 68712
716 B
1 besafe.global
cdn.besafe.global — Cisco Umbrella Rank: 11771
13 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3567
461 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 618
514 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1440
488 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2930
218 B
1 gstatic.com
fonts.gstatic.com
28 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 usercontent.goog
4d90290c27e89bcfa83106bb27daa176.safeframe.usercontent.goog
3 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 847
633 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
518 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
520 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 ampproject.net
d-35465494912996878335.ampproject.net
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 mookie1.com Failed
odr.mookie1.com — Cisco Umbrella Rank: 929 Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
561 104
Domain Requested by
50 cm.g.doubleclick.net 25 redirects www.bg3.co
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
37 pagead2.googlesyndication.com cdn.ampproject.org
securepubads.g.doubleclick.net
www.bg3.co
pagead2.googlesyndication.com
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
adx.holmesmind.com
31 tpc.googlesyndication.com googleads.g.doubleclick.net
www.bg3.co
securepubads.g.doubleclick.net
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
25 static.criteo.net cdn.holmesmind.com
ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
24 onetag-sys.com 5 redirects cdn.adpushup.com
googleads.g.doubleclick.net
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
24 static.bg3.co www.bg3.co
20 ad2.apx.appier.net 10 redirects www.bg3.co
20 cdn.holmesmind.com ads.aralego.com
cdn.holmesmind.com
ad.holmesmind.com
17 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
16 match.adsrvr.org 15 redirects cdn.adpushup.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
14 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
13 image8.pubmatic.com 11 redirects onetag-sys.com
public.servenobid.com
13 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
ads.pubmatic.com
ssbsync.smartadserver.com
g2.gumgum.com
eus.rubiconproject.com
13 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
11 image2.pubmatic.com 6 redirects onetag-sys.com
ads.pubmatic.com
11 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
11 s.amazon-adsystem.com 5 redirects onetag-sys.com
eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
11 contextual.media.net cdn.adpushup.com
contextual.media.net
public.servenobid.com
eus.rubiconproject.com
10 pix.as.criteo.net ads.as.criteo.com
10 www.google.com www.bg3.co
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
10 gocm.c.appier.net 10 redirects
9 sync.1rx.io 9 redirects
9 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
9 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
9 bidder.criteo.com cdn.adpushup.com
static.criteo.net
9 ib.adnxs.com 6 redirects cdn.adpushup.com
acdn.adnxs.com
9 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
8 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 sync.mathtag.com 7 redirects
7 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 x.bidswitch.net 5 redirects onetag-sys.com
6 ups.analytics.yahoo.com 5 redirects onetag-sys.com
6 px.moatads.com 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
www.bg3.co
6 b1sync.zemanta.com 6 redirects
6 e3.adpushup.com www.bg3.co
5 us-u.openx.net 2 redirects u.openx.net
5 csm.as.criteo.net ads.as.criteo.com
5 prebid.a-mo.net 4 redirects cdn.adpushup.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 simage2.pubmatic.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 ad.appier.net 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
4 www.googletagservices.com googleads.g.doubleclick.net
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
4 prebid.scupio.com cdn.holmesmind.com
4 adpushup-d.openx.net cdn.adpushup.com
4 c.holmesmind.com 2 redirects cdn.holmesmind.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 sync.targeting.unrulymedia.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 id.rlcdn.com 2 redirects onetag-sys.com
3 tg.socdm.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3 an.yandex.ru 2 redirects www.bg3.co
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 bi.adpushup.com www.bg3.co
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
3 ads.as.criteo.com googleads.g.doubleclick.net
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 event.clientgear.com 1 redirects g2.gumgum.com
2 um.simpli.fi ads.pubmatic.com
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 ssp.disqus.com 2 redirects
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 stags.bluekai.com 2 redirects
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 secure.adnxs.com 2 redirects
2 match.sharethrough.com 1 redirects ssbsync.smartadserver.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 ad.turn.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 adx.holmesmind.com pagead2.googlesyndication.com
2 ds.uncn.jp 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 cdn.doubleverify.com 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
cdn.doubleverify.com
2 a.c.appier.net 1 redirects 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
2 6fb072e4-4c1e-431c-a844-c55c93891445.t.ssp.hinet.net www.bg3.co
t.ssp.hinet.net
2 aplogger.adpushup.com cdn.adpushup.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 ad.holmesmind.com cdn.holmesmind.com
2 htlb.casalemedia.com cdn.adpushup.com
2 adcdn.holmesmind.com cdn.holmesmind.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.adotmob.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 tags.rd.linksynergy.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 cm.adform.net public.servenobid.com
1 ssum.casalemedia.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 dis.criteo.com contextual.media.net
1 s.ad.smaato.net 1 redirects
1 sync.fout.jp 1 redirects
1 geo.moatads.com z.moatads.com
1 cdn.besafe.global 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
1 rtbc-ae1.doubleverify.com cdn.doubleverify.com
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 cc.adingo.jp 1 redirects
1 ads.yieldmo.com 1 redirects
1 trace.mediago.io 1 redirects
1 y.one.impact-ad.jp 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 z.moatads.com 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
1 s.c.appier.net 1 redirects
1 vst.c.appier.net www.bg3.co
1 theta219.rtb.appier.net www.bg3.co
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 pixel.quantserve.com www.bg3.co
1 4d90290c27e89bcfa83106bb27daa176.safeframe.usercontent.goog securepubads.g.doubleclick.net
1 6cf59245a9f875c35fded5efdce5f28a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 d-35465494912996878335.ampproject.net cdn.ampproject.org
1 campaign.adpushup.com www.bg3.co
1 www.bg3.co
0 cs.admanmedia.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 csync.loopme.me Failed ssum-sec.casalemedia.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 odr.mookie1.com Failed contextual.media.net
eb2.3lift.com
0 cs.chocolateplatform.com Failed 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
0 fp.holmesmind.com Failed cdn.holmesmind.com
561 178

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.rtb.appier.net
AlphaSSL CA - SHA256 - G2		 2022-11-01 -
2023-12-03		 a year crt.sh
*.c.appier.net
R3		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
cdn.besafe.global
Amazon		 2022-05-26 -
2023-06-24		 a year crt.sh
*.appier.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh

This page contains 83 frames:

Primary Page: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Frame ID: 16E7FBBF2FB1534ABAAC5476417947B8
Requests: 105 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 6BAF569CF8A1F553A29AB45B951A05A4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: A6CB468B925DA28801E701D1CE501B89
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 3E2D099F25AC4ED310D86898356CCC89
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 3A5DDEF1968FABF7815E283518D5116A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 3A71899175B55D8A2FEAD774FCDC68E9
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: F0504688FCD9B2B1671DF7A2BDE711F1
Requests: 27 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: CA2897099A8CEC40BDA0234E9F330157
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: EE624EDE4F3E80402B8309B5DBB0E2BF
Requests: 27 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 9FB0CB5F9B38C4A04412821DC285A8EF
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 77180032620FDBAAC989EB2CCC911332
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 6C019054ECE95FA123E78E35FFCD0F67
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4967-pHwpMgtIGajgBzTHsRx0xTNJR2IFG1xF&CFFPCKUUID=2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&maindomain=www.bg3.co
Frame ID: 800A62EBC540C53388BF65995A8D6167
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4967-pHwpMgtIGajgBzTHsRx0xTNJR2IFG1xF&CFFPCKUUID=2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&maindomain=www.bg3.co
Frame ID: F651A0D40FCB9483E47CC14C5E173F0D
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Frame ID: 230A9FAC6BC7BB40514A62509B80940D
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Frame ID: 20B9FB9E02D86E0F1029067F6A56FDD5
Requests: 6 HTTP requests in this frame

Frame: https://6cf59245a9f875c35fded5efdce5f28a.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Frame ID: 70BE76A48D010EDFAFD2B4A5EBF9F7EA
Requests: 1 HTTP requests in this frame

Frame: https://4d90290c27e89bcfa83106bb27daa176.safeframe.usercontent.goog/safeframe/1-0-39/html/container.html?n=1
Frame ID: 896596FF75DCE96473A2452D685305DB
Requests: 1 HTTP requests in this frame

Frame: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: FC3C4C42DE4BE4EE29761FB5127117D7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 84203910AC678C327436F5DC26ED8073
Requests: 16 HTTP requests in this frame

Frame: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 269DB74868394C9A98407628EB7C93B6
Requests: 29 HTTP requests in this frame

Frame: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 574C0FD27B300E2BE8E79ADEEDFEFA05
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: CBE65F5D9AF299D3623E783E6CDE6729
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 04B2D8829E2C2CC23FA9EADBE4342D6F
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 29E7762CDAF8A1C2C98BE4A0652828E8
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4BB17AFD99417B583F45B647D76D53E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Frame ID: DDC4DE512A3615060FA5739CFBC61FB5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2B1831E6A87BC18B3BF50A199780C32
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20DEF78D8DBBA6C36DC906623637090B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1EB369F3C8254BB86E440EFA91C22E20
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58A6E08EF75711A0E0439FC102DB1DD2
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/wBT9VwPyJuM78oeerDeQvvTsiGDdzCr3leWIWBFN.html
Frame ID: 1545681191D90484C2F12195FA3D2EB2
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 47D4566492C6699D101340FBC6D1E12C
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EEEAF778BA1BE27469CD06AED4517FB4
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 676D40A56CED5EA7FA2B97DD3D033B7E
Requests: 14 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 16524BAAA9763637A46E55FDD9545FF1
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8A932C70BB994E72411CDC07DE1FC33C
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668114472029
Frame ID: CB6730F6AD63101F518A19185ABB7FA2
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6CB7DF810F59E0ED7A727AACBBB452B1
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EFBEADD43F9E0A0D79C6600C17F9B6C7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 84F6883FE6521BDE0AEB9D5DAF751FBE
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 24D46C87407EB6D896368275A56BBA21
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09FDCA2CDF1A5FD4B59442BF4EAD21D3
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A0DF94432BA0278606D7106BE3BFB5F8
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: F5DBC2CDC48B0DFE30C925C8276A8929
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=rkt&refUrl=&vid=81144760273111160757443616000V10&ovsid=1921700046369469050
Frame ID: 290C7AB5A2C1C541351576C10FA01606
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dpba%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3DPM_UID
Frame ID: C16F636F1E7D3CF6F08A5A4560D1FFB7
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: 799E928EB7BBFE631C962752C2B904A0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6AAFA8050A5D13C5550FD0AC60FEDE67
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 297B761FA0D469E618C332E5F19652D5
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 48FB908BD0B5607EB9EB60ABDD1B2704
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CF99A9D0E285882E0A45BC9186E846E6
Requests: 14 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 35A08821C912C391932614E0A7059CEC
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 0413ACBAF1E6D48F7BC5FCB64AC5105E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 4469306C2B92D4F3F828A51E85E5C781
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: FFC4B27AB9082C59C837D7CF82F24C13
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=30DE9348-0A3D-4D17-8642-BE2833020722&gdpr=0&gdpr_consent=
Frame ID: F215E9C5AADBD6C1EFA2E32565BC0025
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Frame ID: 9DB5ED44CF6511ED098AD89A6F31E8A8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Frame ID: F67CE19371A0E3A3E9EEB56582945C7F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Frame ID: 61C3EEC5C054CF02811717707AF0633D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Frame ID: F4413FCFC3033CFD2B236DC8B2C449D7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Frame ID: 633BE13F9B5F5643C262E21DA0D982D4
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Frame ID: 0C7531FFC12E4386E332A31FB70311A4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F1B1419340CFF0B2A92215D6B0681ED3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=56dd1a37-4dba-47d0-839f-f69969cfcfff
Frame ID: 0094CD4966F19FB3FAF4AE369AB7B914
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
Frame ID: F8ADAC59ADDAE767253AF49DD3EEF228
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y21oKgAAACFEfAAW&gdpr=0&gdpr_consent=
Frame ID: EDD8F54328B32B0DFE94BC5487EEDE33
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV80ZTM1MTNmMy00MDllLTQ5NTAtOTA2YS1lN2FjYzE4NzQ0ZWE=&gdpr=0&gdpr_consent=
Frame ID: 87FB64981695ED6ECDDFF86F565B0D00
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: AD2BF50213C8B70F9283836F507920A4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y21oLMCo5tEAAOEZBfYAAAAA
Frame ID: A555A0C97603186EDB8AD5249A8D3BDE
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: 9E27AB6CAEE679176F7B1B0F7D6FDD5A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
Frame ID: DD3F1040D4A003A78EC5DC46F0E60CAB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=nVUstsK11BeOKVr6TYex&pi=gumgum&tc=1
Frame ID: DBB42B54EB27FEAFE203294D20ECD9AC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 494F0ED197652FD6EB70C5434457942B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20190131/zrt_lookup.html
Frame ID: 65E73CC46C0BD3CE40D5695EE77C8CEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=1045718042&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114477511&bpp=3&bdt=498&idt=337&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&nras=1&correlator=5209430815737&frm=8&ife=1&pv=2&ga_vid=396498336.1668114478&ga_sid=1668114478&ga_hid=1030500028&ga_fc=0&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C44761793%2C44774649%2C42531705%2C44774653%2C31070763%2C44775017&oid=2&pvsid=634105456463972&tmod=1771969993&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.y3xha2ju591b&fsb=1&dtd=354
Frame ID: 0BA525F00AD0AA66D996D6BFD3E66289
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=399784846&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114477514&bpp=1&bdt=501&idt=357&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5209430815737&frm=8&ife=1&pv=1&ga_vid=396498336.1668114478&ga_sid=1668114478&ga_hid=1030500028&ga_fc=0&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C44761793%2C44774649%2C42531705%2C44774653%2C31070763%2C44775017&oid=2&pvsid=634105456463972&tmod=1771969993&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b4yo2l9jenqc&fsb=1&dtd=361
Frame ID: 69A28C7F2F2951A8C0C90D9A0478EA91
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4555C8463D91AD3DCE873B92D0C93E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9ACC69C860E46FE8B9B008D6875A8FF7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC9ED170AB170A16FB9F45292DF708B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 369FB657A6B11D5E040244F284DC5027
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBDBF42FD070DC0728CE266D03E8B5B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B54610827EDF2439DB26FBBBA6E951A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2021無印良品最熱賣保養好物Top 5!網贊冠軍:高CP、溼敷不心疼 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

561
Requests

76 %
HTTPS

0 %
IPv6

104
Domains

178
Subdomains

114
IPs

11
Countries

3852 kB
Transfer

10014 kB
Size

148
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 74
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 76
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 129
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vH09hgdHAhqh8lEeKGhtYw
Request Chain 130
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=BYLayggpAPOpx85KKGhtYw
Request Chain 131
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dl3S0fMlAoG0SWTtKGhtYw
Request Chain 134
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vDWQwVgxDJeggl1NKGhtYw
Request Chain 135
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=8pUZKX1kAaOgdPHeKGhtYw
Request Chain 140
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=gATdjJWGANKfItVCKGhtYw
Request Chain 141
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=3eo_t1ZsCWOHLbDvKGhtYw
Request Chain 142
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=tMSEmq0FDsyJlCNCKGhtYw
Request Chain 143
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=6Ja0ILDSBXK2SfpyKGhtYw
Request Chain 144
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=_wSXjIuSB4eMb_DEKGhtYw
Request Chain 228
  • https://a.c.appier.net/gcm?trigger_hosted_sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=X3dTWGpJdVNCNGVNYl9ERUtHaHRZdw%3D%3D&google_redir=https%3A%2F%2Fs.c.appier.net%2Fgcm2%3Ftrigger_hosted_sync%3D1 HTTP 302
  • https://s.c.appier.net/gcm2?trigger_hosted_sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier_pc&google_hm=X3dTWGpJdVNCNGVNYl9ERUtHaHRZdw%3D%3D HTTP 302
  • https://a.c.appier.net/gcm
Request Chain 258
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENL3ysayPI4yrQTE1vnoEgs&google_cver=1&google_push=ASkJ3FbBwEVAcndmlJV1zcCBC7_x4ef089IEMS6m34ant5hO4njXncPkHj-GJaXbWfRfBu3LmYBDoBBwCJK-bVRPUSCSMzbxERuR6HPlNfZ5T563EQ7sX59TficoLn3KVkDP7_iYo7sfVSmM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENL3ysayPI4yrQTE1vnoEgs&google_push=ASkJ3FbBwEVAcndmlJV1zcCBC7_x4ef089IEMS6m34ant5hO4njXncPkHj-GJaXbWfRfBu3LmYBDoBBwCJK-bVRPUSCSMzbxERuR6HPlNfZ5T563EQ7sX59TficoLn3KVkDP7_iYo7sfVSmM
Request Chain 259
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELT7FjI9wAN_o2Qp3DmXA3w&google_cver=1&google_push=ASkJ3FbHPYG2seqiZqdAUiEQ_gC9o3Wfp4ywASjs3xv1UvzrPLV5cGS8Q2uBf6L2GDp2rFEfHc7qlKTzPEFYdBRIsvF8IZRqitTTqmy9pdwLyuGjvwtYKe9-hzmk3Lq2c-F1doKpz_d83SYS HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELT7FjI9wAN_o2Qp3DmXA3w&google_cver=1&google_push=ASkJ3FbHPYG2seqiZqdAUiEQ_gC9o3Wfp4ywASjs3xv1UvzrPLV5cGS8Q2uBf6L2GDp2rFEfHc7qlKTzPEFYdBRIsvF8IZRqitTTqmy9pdwLyuGjvwtYKe9-hzmk3Lq2c-F1doKpz_d83SYS&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MN6TSAo9TReGQr4oMwIHIg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbHPYG2seqiZqdAUiEQ_gC9o3Wfp4ywASjs3xv1UvzrPLV5cGS8Q2uBf6L2GDp2rFEfHc7qlKTzPEFYdBRIsvF8IZRqitTTqmy9pdwLyuGjvwtYKe9-hzmk3Lq2c-F1doKpz_d83SYS
Request Chain 260
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEGEM_l6QTm-m6-ZFwLhM3FE&google_cver=1&google_push=ASkJ3FYkutEh_q-uID-ygbbAvtncrItjRGfaYNyifbgwXCWGTUR4sLtEbEGIXp_RX6oQ36yxTur3_XFZl7VFp134Jgs9IR-KLuYlZtyTEqcsSizr3d2BB93IKhMo2qaTgB9NrJqDm4QCSaA2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FYkutEh_q-uID-ygbbAvtncrItjRGfaYNyifbgwXCWGTUR4sLtEbEGIXp_RX6oQ36yxTur3_XFZl7VFp134Jgs9IR-KLuYlZtyTEqcsSizr3d2BB93IKhMo2qaTgB9NrJqDm4QCSaA2&google_hm=AUaOfiem-UFjrxvfvzSrfD4
Request Chain 263
  • https://an.yandex.ru/mapuid/google/CAESELRzPr9UU88y_onsp_dSl2k?ext-param=ASkJ3FY6oA1eQlOnOlLIWvMSPUYYiV_If7MpN-xy_6tL7eoGerlR4Tztr2-n8DYpgx7F4ahSo-9rnnlOitqx6ZkFPcGgRfvdg1rwfPu_k9wh9WfduLLCvpkSD7O0TJiDJ7i9utNvYaqHa__b&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESELRzPr9UU88y_onsp_dSl2k?redir-setuniq=1&ext-param=ASkJ3FY6oA1eQlOnOlLIWvMSPUYYiV_If7MpN-xy_6tL7eoGerlR4Tztr2-n8DYpgx7F4ahSo-9rnnlOitqx6ZkFPcGgRfvdg1rwfPu_k9wh9WfduLLCvpkSD7O0TJiDJ7i9utNvYaqHa__b&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELRzPr9UU88y_onsp_dSl2k&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 264
  • https://trace.mediago.io/cs/google?google_gid=CAESEPzOL4h9BXQuJD-GFlkYfFU&google_cver=1&google_push=ASkJ3Fbkj0YovYy02R9_W-2vMywqNSBgmKNvTjeMfNzjYslY_7fSsvxHvwhAukLa-28eB8qrenbVQkyXJIKIzrthQwVzUDao0jkOqowDESJLzzMzsnmfeHCq9lAVqe2_YZ7PpEb1T1WPaRSGOg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3Fbkj0YovYy02R9_W-2vMywqNSBgmKNvTjeMfNzjYslY_7fSsvxHvwhAukLa-28eB8qrenbVQkyXJIKIzrthQwVzUDao0jkOqowDESJLzzMzsnmfeHCq9lAVqe2_YZ7PpEb1T1WPaRSGOg&google_hm=bb27a829ff4724e86abfaf639461bd10
Request Chain 276
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473289&bpp=12&bdt=299&idt=680&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=1&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=458988440&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=6675&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070723%2C31070762%2C44774606%2C44775016%2C44777923&oid=2&pvsid=3753466674931940&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p2rq8l5tsrse&btvi=1&fsb=1&dtd=698 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/wBT9VwPyJuM78oeerDeQvvTsiGDdzCr3leWIWBFN.html
Request Chain 294
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEL8f6PHyTC-NrqqFwOqukjg&google_cver=1&google_push=ASkJ3FacGohdgLoTBYFF9uB_Q8BAPCJPN8aFHM2HSQlmht1hgjzS25_x-P1wFWaf4S7-tCBX4z81VHZYfM0erXQvBUtLlI5_Q_I0dlp89od_M5UaMUJVNGfVfITdtSJuzHaNAoKaI6HKCGSFdFcU3RTpIb0 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEL8f6PHyTC-NrqqFwOqukjg&google_push=ASkJ3FacGohdgLoTBYFF9uB_Q8BAPCJPN8aFHM2HSQlmht1hgjzS25_x-P1wFWaf4S7-tCBX4z81VHZYfM0erXQvBUtLlI5_Q_I0dlp89od_M5UaMUJVNGfVfITdtSJuzHaNAoKaI6HKCGSFdFcU3RTpIb0&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FacGohdgLoTBYFF9uB_Q8BAPCJPN8aFHM2HSQlmht1hgjzS25_x-P1wFWaf4S7-tCBX4z81VHZYfM0erXQvBUtLlI5_Q_I0dlp89od_M5UaMUJVNGfVfITdtSJuzHaNAoKaI6HKCGSFdFcU3RTpIb0&google_hm=VGVsMVNORWswSm45VlBrdldQZWM=
Request Chain 295
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEA1dDqRO810VdoIE3tkdl9Q&google_cver=1&google_push=ASkJ3FZlfCygaiXEhEvmIG2FyXiP5oglAPyxLnMBnTnOxr9ZryQ90dvC4PhRxwwyY_CKkouu6jSkilUewyRZt6plgQTLalBYTApQDWHvnbGcqslPzt6f-xjv_QhnkP7c1HWXuY_gY2C6t36d3ZTaSBiRPXw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qR9o63TiTUl3h9o3MqFI3XRaSsQ&google_push=ASkJ3FZlfCygaiXEhEvmIG2FyXiP5oglAPyxLnMBnTnOxr9ZryQ90dvC4PhRxwwyY_CKkouu6jSkilUewyRZt6plgQTLalBYTApQDWHvnbGcqslPzt6f-xjv_QhnkP7c1HWXuY_gY2C6t36d3ZTaSBiRPXw
Request Chain 296
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOYYEQwoLfX7aAa9EZk_TsI&google_cver=1&google_push=ASkJ3FbUdbVvu9zseJqr3dMcf1nQUQ3ck-qWZz-_wZbuCvOjflOYog-je9lQQl4g6kM8Xf69p8ikuF4bXn3fi18KW0XS_bauII6TYax75UiGQPpaktjJMgPUpykauyjpzQmrLggxJHl3qdj3QUUX-kSpAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbUdbVvu9zseJqr3dMcf1nQUQ3ck-qWZz-_wZbuCvOjflOYog-je9lQQl4g6kM8Xf69p8ikuF4bXn3fi18KW0XS_bauII6TYax75UiGQPpaktjJMgPUpykauyjpzQmrLggxJHl3qdj3QUUX-kSpAw&google_hm=ZzZmZDliZGY3ZGQxODU0YWRiNTQ=
Request Chain 298
  • https://cc.adingo.jp/adx/push/?google_gid=CAESELvNavdJ5MyQ-NK8FE28SDQ&google_cver=1&google_push=ASkJ3FZyiv5d7Bqm5SLFnERkFuZUDdU4QvCG6a-Pxv0ihXXiiQorhy9TxT-OyPsOltNfbaHWq05eP9zb6CgJ4CzjzlQEIwi6OMgiDQvuaxJKy2h7Xxi2TN7MKYEhIu_pC44e9e7Ab8EA1OYc0sV2KNCgCu4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZyiv5d7Bqm5SLFnERkFuZUDdU4QvCG6a-Pxv0ihXXiiQorhy9TxT-OyPsOltNfbaHWq05eP9zb6CgJ4CzjzlQEIwi6OMgiDQvuaxJKy2h7Xxi2TN7MKYEhIu_pC44e9e7Ab8EA1OYc0sV2KNCgCu4&google_hm=190e32f41106a12deff36d5782214722
Request Chain 299
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAqtDLM0RgBtAg7bmYE-934&google_cver=1&google_push=ASkJ3Fb6D2yLlUGV8CQ61ILGejHnHJr3x4VGEvrYjSKOZykQZrSEZLGba4WPVWCLwabPcKr6xU4mqC7lqzrBmSoqgoZ2c9dKoiFXofGQHyVOHyh4FTwDPH8AY2zpIBrRX2TvC_-eS6VugAmmznlxMDoUOuKG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe5yjF-CWXpYune0wToiGcRiNQFuhtxA&google_push=ASkJ3Fb6D2yLlUGV8CQ61ILGejHnHJr3x4VGEvrYjSKOZykQZrSEZLGba4WPVWCLwabPcKr6xU4mqC7lqzrBmSoqgoZ2c9dKoiFXofGQHyVOHyh4FTwDPH8AY2zpIBrRX2TvC_-eS6VugAmmznlxMDoUOuKG HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 336
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 348
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4156914352050536875&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 349
  • https://match.adsrvr.org/track/cmf/openx?oxid=32c1daa5-1ea6-76f1-c1bf-44d8409b34ac&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=32c1daa5-1ea6-76f1-c1bf-44d8409b34ac&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1f6509d4-566f-41d3-a44a-aca812e792f7&ttd_puid=32c1daa5-1ea6-76f1-c1bf-44d8409b34ac&gdpr=0&gdpr_consent=
Request Chain 350
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y21oLMCo5ukAAPFLA2kAAAAA
Request Chain 351
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AT2xhy1s28Hzks8ADwG0vnw9Rs8AAAGEY17t0w
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGP30txdLJGcdwtU20V0h0U&google_cver=1
Request Chain 354
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=985a636d-682c-4600-b758-90d1ab658a31&gdpr=1&gdpr_consent=
Request Chain 356
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6170091816546164090
Request Chain 358
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe60UwAYilrwU_93Y_0gF6HhVGGaMUqA
Request Chain 360
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCKzQtZsGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 361
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SjYlMv-qBaYsWkaRxMG3BlJ_pHSmlXdQYG-pUOIDVMc
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAqtDLM0RgBtAg7bmYE-934&google_cver=1
Request Chain 365
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
Request Chain 369
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 371
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEPpsVwaOggTXNtYzhjqK01o&google_cver=1&google_push=ASkJ3FYVej-Ooseu3RKKY4NTQ9j67GIeWi9uNJpBEGTF_FlBxsf46ZaFVjr4nVAZ_5tx6b7lQ8hcu3suseoXfxwQz07G_Goqgpl1jK4YEaApqt2I8JDXEASasE5__CeJp3cQfwqzQMwP-i2U8wqblEX_s1c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYVej-Ooseu3RKKY4NTQ9j67GIeWi9uNJpBEGTF_FlBxsf46ZaFVjr4nVAZ_5tx6b7lQ8hcu3suseoXfxwQz07G_Goqgpl1jK4YEaApqt2I8JDXEASasE5__CeJp3cQfwqzQMwP-i2U8wqblEX_s1c&google_hm=bEpzQ21HVHlvbHRhd21YOVlnb1BFUkYyZUFj&from_google=pc1
Request Chain 372
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1&google_push=ASkJ3FaeZ7VHV_i2VD4gQ-Y9L2YIhI4T2997p_1BXOgHhFtsdhLRmajE9TyiMStTjnurByq46XDDBe110DNg2AutW3znAiVFvh_MeuBCKdIq-JvsrXIPrsx0P8kdNGh_Ity_45crYuz73KipyHot2Nf4vA HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_push=ASkJ3FaeZ7VHV_i2VD4gQ-Y9L2YIhI4T2997p_1BXOgHhFtsdhLRmajE9TyiMStTjnurByq46XDDBe110DNg2AutW3znAiVFvh_MeuBCKdIq-JvsrXIPrsx0P8kdNGh_Ity_45crYuz73KipyHot2Nf4vA&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_hm=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&google_nid=index&google_push=ASkJ3FaeZ7VHV_i2VD4gQ-Y9L2YIhI4T2997p_1BXOgHhFtsdhLRmajE9TyiMStTjnurByq46XDDBe110DNg2AutW3znAiVFvh_MeuBCKdIq-JvsrXIPrsx0P8kdNGh_Ity_45crYuz73KipyHot2Nf4vA
Request Chain 373
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOwbIXOziNzvDbo3DaweYug&google_cver=1&google_push=ASkJ3FYur0Ge9lwfL2GH0kJR5ePocbHr8_OTvVxQ0EZ4YnECrLLEa_rJFkiGhFVozwOveVB1IYHqBeuXroRpxXSupW-IYVQtfQkQiv_A-wxax5jz8af-vYQQxuDeqxIyed27SNrsCJ9agPGtmbDdaBTSC6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=9a078c3b&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FYur0Ge9lwfL2GH0kJR5ePocbHr8_OTvVxQ0EZ4YnECrLLEa_rJFkiGhFVozwOveVB1IYHqBeuXroRpxXSupW-IYVQtfQkQiv_A-wxax5jz8af-vYQQxuDeqxIyed27SNrsCJ9agPGtmbDdaBTSC6w
Request Chain 374
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEGEM_l6QTm-m6-ZFwLhM3FE&google_cver=1&google_push=ASkJ3FaNyzsvlPgcCJSImncZ8YiFYwP2ctH56Bgeoe0H8FQjI6SBvljvuF4a27JG4kVbVBNFOA-N7ZVvmkbPq_EOjptroKs3J04_nXaIwMM0cOM6rm6kApQTGctlcvvPYczAlhaNyL325Ffe5XkCRIUw2Po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FaNyzsvlPgcCJSImncZ8YiFYwP2ctH56Bgeoe0H8FQjI6SBvljvuF4a27JG4kVbVBNFOA-N7ZVvmkbPq_EOjptroKs3J04_nXaIwMM0cOM6rm6kApQTGctlcvvPYczAlhaNyL325Ffe5XkCRIUw2Po&google_hm=AUaOfiem-UFjrxvfvzSrfD4
Request Chain 375
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAVgvnQa37rWm1eBHFBWQGk&google_cver=1&google_push=ASkJ3FYbTy-VUjbiMsNxvHjW5bejy3G8Lq9v8EJD7yT5m-QesWhDEwrfertdvHs7TVgvHHvsR-IdJVJL2wy-2HGLiwYNb8PT036jmeEIXqEmyGAckoneFM4LvE3XdLpW6iBFLg-mfXLY8fIZJTpYCZ9ta3k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYbTy-VUjbiMsNxvHjW5bejy3G8Lq9v8EJD7yT5m-QesWhDEwrfertdvHs7TVgvHHvsR-IdJVJL2wy-2HGLiwYNb8PT036jmeEIXqEmyGAckoneFM4LvE3XdLpW6iBFLg-mfXLY8fIZJTpYCZ9ta3k&google_hm=WTIxb0xNQ281dEVBQU9FWkJmWUFBQUFB
Request Chain 376
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENsdFEWXsjwVCPwtrttJ6ck&google_cver=1&google_push=ASkJ3FZJ7kOiTYs5TnHMYXRDWq5_ReFETo61tvyeAc-KjQdNuPvYI9rgE06ExqD7oWqR3ZcCYzSCMBaDxWoFQxzBObO6z2ydgZvbY6rr5NlhDJXQbxxwFrb7XZYLLCVaNMrlH40HyJjhudewjxrJx9vYWFh6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NjIxM2JjMjItNDQwMy00Y2Y1LTgyOTQtNzI0OTY5YzQ3YjY5&google_push=ASkJ3FZJ7kOiTYs5TnHMYXRDWq5_ReFETo61tvyeAc-KjQdNuPvYI9rgE06ExqD7oWqR3ZcCYzSCMBaDxWoFQxzBObO6z2ydgZvbY6rr5NlhDJXQbxxwFrb7XZYLLCVaNMrlH40HyJjhudewjxrJx9vYWFh6
Request Chain 377
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMMQdHcojTdEP-RIOTOVyXU&google_cver=1&google_push=ASkJ3Fa6qT9g0iYuL2Fvjul4-Ckbw-Whe3DgivsK-Jhr8ixEwbEwfi4baUGg2eAYBgnWfPlX4LetQdCsB2a7mk3x9iq8bDO0jqZOgOHBa-JPSR0qoiJ-45FYcJ1tTCMdUQJznQu8MO7O7_8JEpVttbqM4HLi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE3MDA5MTgxNjU0NjE2NDA5MA%3D%3D&google_gid=CAESEMMQdHcojTdEP-RIOTOVyXU&google_cver=1&google_push=ASkJ3Fa6qT9g0iYuL2Fvjul4-Ckbw-Whe3DgivsK-Jhr8ixEwbEwfi4baUGg2eAYBgnWfPlX4LetQdCsB2a7mk3x9iq8bDO0jqZOgOHBa-JPSR0qoiJ-45FYcJ1tTCMdUQJznQu8MO7O7_8JEpVttbqM4HLi
Request Chain 383
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 384
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Drkt%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=rkt&refUrl=&vid=81144760273111160757443616000V10&ovsid=1921700046369469050
Request Chain 386
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dapx%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=apx&refUrl=&vid=81144760273111160757443616000V10&ovsid=6170091816546164090
Request Chain 387
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dopx%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=opx&refUrl=&vid=81144760273111160757443616000V10&ovsid=faedb33a-b5a6-4c11-a2f0-3ab6f274a670
Request Chain 388
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dmma%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=mma&refUrl=&vid=81144760273111160757443616000V10&ovsid=3448636d-682c-4000-85eb-b55489834e65
Request Chain 389
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D%5BRX_UUID%5D&cb=1668114476943 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1522057773 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/56dd1a37-4dba-47d0-839f-f69969cfcfff HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3DRX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=r1&refUrl=&vid=81144760273111160757443616000V10&ovsid=RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExMTE2MDc1NzQ0MzYxNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKbao6o61ar8NcWdLtnmowg&google_cver=1
Request Chain 391
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Ddxu%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Ddxu%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=dxu&refUrl=&vid=81144760273111160757443616000V10&ovsid=BY25HUeh1OTeMc5
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5a5e5a27-67b6-4fe8-af18-a5aa5ebb4e07&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526530812281824069&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526530812281824069&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=7c9b3b95-3bbb-445c-be84-609096a6ea96&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523223482756687237&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232923304331012879751&ssp=medianet&gdpr=0&gdpr_consent=
Request Chain 394
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dzem%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=Tel1SNEk0Jn9VPkvWPec&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKUMVWDCU2OIVVTASTOHFLFA23WK5IGKYZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DCMJUGQ3TMMBSG4ZTCMJRGE3DANZVG42DIMZWGE3DAMBQKYYTAJTWONUWIPJTGEYTCMJWGA3TKNZUGQZTMMJWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKUMVWDCU2OIVVTASTOHFLFA23WK5IGKYZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DCMJUGQ3TMMBSG4ZTCMJRGE3DANZVG42DIMZWGE3DAMBQKYYTAJTWONUWIPJTGEYTCMJWGA3TKNZUGQZTMMJWGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=Tel1SNEk0Jn9VPkvWPec&refUrl=&type=zem&vid=81144760273111160757443616000V10&vsid=3111160757443616000V10
Request Chain 395
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3111160757443616000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3111160757443616000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=26f40fd5-bf30-449b-94af-dddee1504444&cs=1
Request Chain 397
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=56dd1a37-4dba-47d0-839f-f69969cfcfff
Request Chain 398
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=56dd1a37-4dba-47d0-839f-f69969cfcfff&dongle=0cfd
Request Chain 399
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAyMjczMjk2NDQwMDUwODMyMzM5Nw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECP3yl2ppaVdKcU0Bv_Q7LY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 401
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAyMjczMjk2NDQwMDUwODMyMzM5Nw%3D%3D
Request Chain 402
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4022732964400508323397&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4022732964400508323397&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e9247e92-4488-462a-a08f-a7e7d31cbbb7&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e9247e92-4488-462a-a08f-a7e7d31cbbb7&_noobservation=1&_expected_cookie=5fd3159fbcd87bfcca2226bf1d086220
Request Chain 403
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4022732964400508323397&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4022732964400508323397&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=94338d19-45d3-4fea-a942-a84d322affc6&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523223482756687237&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523223482756687237&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=7c9b3b95-3bbb-445c-be84-609096a6ea96&ssp=triplelift&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523223482756687237&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232613304331012876708&ssp=triplelift&gdpr=0&gdpr_consent=
Request Chain 404
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4022732964400508323397?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-B5UJ.plE2oQ5g7tRKTEtNanef_.FP.DGJ0uFLnKQLA--~A&dongle=0883
Request Chain 405
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4022732964400508323397 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4022732964400508323397&dcc=t
Request Chain 407
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6170091816546164090&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 411
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=1108905291&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114475960&bpp=13&bdt=269&idt=340&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=5209430815737&frm=8&ife=1&pv=2&ga_vid=166291762.1668114476&ga_sid=1668114476&ga_hid=1860978508&ga_fc=0&nhd=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=2071900481&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C31070786%2C44775017%2C44778614&oid=2&pvsid=957122147077897&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uv8xzmbbcp7w&fsb=1&dtd=360 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 412
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yk-9wUXimKmLktVFXdAjcw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6966794192516001193
Request Chain 413
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=&expires=30
Request Chain 414
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BxqSu7zVTmOfebo8j8irtQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=BxqSu7zVTmOfebo8j8irtQ
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbv_JlfyjuWyg4kaWyKLT0&google_cver=1
Request Chain 416
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTY1MzM1MWY4NTRmNTQ1M2M5OTFmOTQ1YmE4NDQ3NjEzY2Q3MDk2Zg
Request Chain 417
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCS0FDMkEtSi02ODFH
Request Chain 418
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HScPfnEaTrqq68hJ8YiLgQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HScPfnEaTrqq68hJ8YiLgQ
Request Chain 419
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LABKAC2A-J-681G
Request Chain 426
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 428
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6170091816546164090
Request Chain 429
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FoTzERZHD24cRODNT9G37dA9
Request Chain 430
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FoTzDLZHPcUPQSFcQZuP4ONZ
Request Chain 431
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668114476943 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2031110679 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/56dd1a37-4dba-47d0-839f-f69969cfcfff HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3DRX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=r1&refUrl=&vid=81144760273111160757443616000V10&ovsid=RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004
Request Chain 432
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1974054390330761123
Request Chain 434
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F13275%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3c87ce0e-e654-4dcc-bbda-49a5d0c5f009%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/13275?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3c87ce0e-e654-4dcc-bbda-49a5d0c5f009&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=Y21oLIvjQsP17ON6-CwhMgAA%265335 HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F13275%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3c87ce0e-e654-4dcc-bbda-49a5d0c5f009%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/13275?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3c87ce0e-e654-4dcc-bbda-49a5d0c5f009&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=ua-3b414a2e-2a15-36c1-b99d-088d49c2221e HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F13275%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D3c87ce0e-e654-4dcc-bbda-49a5d0c5f009%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 435
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-ygj3oPlE2uEfs_5n0Ivk1ejDbWoxw34BgGH1Ueo-~A
Request Chain 436
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2I0MTRhMmUtMmExNS0zNmMxLWI5OWQtMDg4ZDQ5YzIyMjFlMgEGOAE=%26buyeruid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F37924%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3c87ce0e-e654-4dcc-bbda-49a5d0c5f009%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 437
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-l8fjXqFE2uGnDlzFVGQnFb9nYFFgZyMr5H_5mN8-~A
Request Chain 443
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1
Request Chain 444
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y21oLBRlAv1dnrsG5Bq5pQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPKTzVdqaZ-yNivmB3pnVNU&google_cver=1
Request Chain 445
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56dd1a37-4dba-47d0-839f-f69969cfcfff&expiration=1670706476&gdpr=0&gdpr_consent=
Request Chain 446
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&dcc=t
Request Chain 447
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3448636d-682c-4000-85eb-b55489834e65
Request Chain 448
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y21oLBRlAv1dnrsG5Bq5pQAA%265332?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
Request Chain 449
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4156914352050536875
Request Chain 450
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=JDsLMCQwD2w_PAVtIW4QMHY6WGU_O15kJGuNEdC1
Request Chain 453
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y21oLIvjQsP17ON6-CwhMgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPKTzVdqaZ-yNivmB3pnVNU&google_cver=1
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y21oLIvjQsP17ON6_CwhMgAAFNcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1
Request Chain 455
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLIvjQsP17ON6_CwhMgAAFNcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLIvjQsP17ON6_CwhMgAAFNcAAAAB&dcc=t
Request Chain 456
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56dd1a37-4dba-47d0-839f-f69969cfcfff&expiration=1670706477&gdpr=0&gdpr_consent=
Request Chain 458
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683752877&external_user_id=171a1600-eb15-43f1-a6a1-6838838642aa
Request Chain 459
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAuE2E7G2tAAAB9HYnsxyg&expiration=1669324077
Request Chain 465
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe7-SkH_14PvPmwefTy1u8zkBnhjMLCA
Request Chain 467
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
Request Chain 468
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LABKAC2A-J-681G&gdpr=0
Request Chain 469
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6170091816546164090
Request Chain 470
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7499798753662301054
Request Chain 471
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RHsTouTGVjK3EkAIKfumsD-i00UFKIrYhRjTcVDCgMo
Request Chain 472
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzBERTkzNDgtMEEzRC00RDE3LTg2NDItQkUyODMzMDIwNzIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Request Chain 473
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-tqsdVA9E2uEfkVRFcSzLEbsQay9HKNfXM91oLSo-~A
Request Chain 474
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
Request Chain 475
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2a715592-8309-40e7-8754-bde296fb9d4b&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 481
  • https://c1.adform.net/serving/cookie/match?party=14&cid=30DE9348-0A3D-4D17-8642-BE2833020722&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=30DE9348-0A3D-4D17-8642-BE2833020722&gdpr=0&gdpr_consent=
Request Chain 482
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Request Chain 483
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y21oKgAAACFEfAAW&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Request Chain 484
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xrmrwumu3lx HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Request Chain 485
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K-m1TCvisRAw7rsRLryuTHno5hkw6eAYK7k4SqCn HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Request Chain 486
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6170091816546164090&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Request Chain 488
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MN6TSAo9TReGQr4oMwIHIg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 489
  • https://idsync.rlcdn.com/420486.gif?partner_uid=30DE9348-0A3D-4D17-8642-BE2833020722 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=79956eed2d899be5c9f7767a985a7be1b01071dfdf93a831a868241a8f0b7772791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3OTk1NmVlZDJkODk5YmU1YzlmNzc2N2E5ODVhN2JlMWIwMTA3MWRmZGY5M2E4MzFhODY4MjQxYThmMGI3NzcyNzkxNDI2YjU0MTdkY2UyMRAAGgwIrdC1mwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3OTk1NmVlZDJkODk5YmU1YzlmNzc2N2E5ODVhN2JlMWIwMTA3MWRmZGY5M2E4MzFhODY4MjQxYThmMGI3NzcyNzkxNDI2YjU0MTdkY2UyMRAAGgwIrdC1mwYSBAgCEABCAEoA&google_gid=CAESEH_wVwd2evNKbTsNzvs6wWk&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ef60624f-350d-4056-98b0-e14eb4575272
Request Chain 490
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3448636d-682c-4000-85eb-b55489834e65
Request Chain 491
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzBERTkzNDgtMEEzRC00RDE3LTg2NDItQkUyODMzMDIwNzIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Request Chain 492
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Request Chain 495
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 497
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=765b60bd-cc23-42c9-a105-e2cae45735e0&expires=1&user_group=5&ssp=smartadserver&bsw_param=94338d19-45d3-4fea-a942-a84d322affc6 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=&gdpr_consent=
Request Chain 498
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=085b220419ca8dfc30c01470&gdpr=0&gdpr_consent=
Request Chain 499
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4871406041276183474&gdpr=0&gdpr_consent=
Request Chain 500
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3107225997839085559&gdpr=0&gdpr_consent=
Request Chain 501
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6170091816546164090
Request Chain 502
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_4e3513f3-409e-4950-906a-e7acc18744ea&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=94338d19-45d3-4fea-a942-a84d322affc6 HTTP 302
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=94338d19-45d3-4fea-a942-a84d322affc6
Request Chain 503
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a91f68eb-74e2-4d49-7787-da3732a148dd$ip$116.90.74.196
Request Chain 504
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_4e3513f3-409e-4950-906a-e7acc18744ea&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=Tel1SNEk0Jn9VPkvWPec&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VDFNQYVGTSFNMYEU3RZKZIGW5SXKBSWGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VDFNQYVGTSFNMYEU3RZKZIGW5SXKBSWGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Tel1SNEk0Jn9VPkvWPec&us_privacy=1---
Request Chain 505
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1668114477329 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8110664185 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/56dd1a37-4dba-47d0-839f-f69969cfcfff HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-59ac803d-9811-4dd3-850b-6715a32d7b68-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-59ac803d-9811-4dd3-850b-6715a32d7b68-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-59ac803d-9811-4dd3-850b-6715a32d7b68-004
Request Chain 506
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=03x0dOXaC44G&ev=1&pid=558355
Request Chain 507
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28pwxLBINIl_2trjoZZtm7SvtMe4xG-v-jA8kUpGBmgh1x9SHD-3BB6JXDei7X0VAQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28pwxLBINIl_2trjoZZtm7SvtMe4xG-v-jA8kUpGBmgh1x9SHD-3BB6JXDei7X0VAQ%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_4e3513f3-409e-4950-906a-e7acc18744ea&obuid=ENC(pwxLBINIl_2trjoZZtm7SvtMe4xG-v-jA8kUpGBmgh1x9SHD-3BB6JXDei7X0VAQ)
Request Chain 508
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c5fc7ed5-36b3-4ea7-a6c4-543588cb35ea
Request Chain 509
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-flWOeSJE2pd0mzFaP3h68jNldr3vKYY1xmu_~A
Request Chain 510
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=bdbb8323-fd64-495c-b36d-f8529fe1c219
Request Chain 513
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=607a995a-4a48-451a-907d-5d5c08223917
Request Chain 514
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4871406041276183474
Request Chain 517
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=56dd1a37-4dba-47d0-839f-f69969cfcfff
Request Chain 518
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
Request Chain 519
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y21oKgAAACFEfAAW&gdpr=0&gdpr_consent=
Request Chain 522
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y21oLMCo5tEAAOEZBfYAAAAA
Request Chain 524
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
Request Chain 525
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=nVUstsK11BeOKVr6TYex&pi=gumgum&tc=1
Request Chain 526
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 528
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LABKAC2A-J-681G HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LABKAC2A-J-681G
Request Chain 529
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LABKAC2A-J-681G HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LABKAC2A-J-681G
Request Chain 539
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LABKAC2A-J-681G HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LABKAC2A-J-681G

561 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
www.bg3.co/a/ 		58 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
212beb7aeaeae945e3f9b76004b2a50b1f4ad0489fb84c40e3d5c47e7c6281ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 10 Nov 2022 21:07:46 GMT
ETag
"e9b7-wWH9+OrqAyNDOb5l88QcUiKvB+U"
Expires
Thu, 10 Nov 2022 22:07:46 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
188e573bf1e6355ef4c477989d3871b5bad7e45ac71628ad3a3139284b1e0229
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 21:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8c5dc74afc4fee5e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 21:07:47 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
2a6b050dfbee40d9b3dec339c654771ddd057faa8cec3cb3ae9b5b03be10f50f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 21:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9659
x-xss-protection
0
server
sffe
etag
"4254571f41355952"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 21:07:47 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ec587886fb7850e267d7d17b2c4611caa8b798b95fbacf7a3a6b77f42c848c65
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 21:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
etag
"39279299a806cd29"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 21:07:47 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
c3e473d479b570c98cb31c0e98bb2d7ae6284dbfd0e2631bfa4718b9157fdf8d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 21:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31984
x-xss-protection
0
server
sffe
etag
"1fa26b097e24ff6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 21:07:47 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6760
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44539
last-modified
Thu, 27 Oct 2022 03:12:33 GMT
server
cloudflare
etag
"6359f721-adfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Nn4HzZLMDqDhF4omcLXBLZH26sT1XbzZN6tPlCBuOTSB5J8GRUV4V0FA2QTkwl7BjaA6Q4ll78kzaeyohIFLK4bumbd2FPUSmFMMPFuLx%2BtTmBp9OPENfM7oxWn96o2hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7681c2833861a862-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.171.120 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-120.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 21:07:48 GMT
content-encoding
br
last-modified
Thu, 10 Nov 2022 07:00:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=6, origin; dur=902
x-cf-geodata
NZ
content-length
9035
expires
Thu, 10 Nov 2022 22:07:48 GMT
adpushup.js
cdn.adpushup.com/42753/ 		867 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 21:07:47 GMT
content-encoding
br
last-modified
Thu, 03 Nov 2022 17:05:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=13
x-cf-geodata
NZ
content-length
194623
expires
Thu, 10 Nov 2022 22:07:47 GMT
04d6da6f2fe5fbdb8914fe81a3a9bc85.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/04d6da6f2fe5fbdb8914fe81a3a9bc85.jpg?w=800&h=744&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
287775f336d435affef19b5fa8067913.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/287775f336d435affef19b5fa8067913.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e738d0a18b6c4097de3c1cd10e5a2699.jpg
static.bg3.co/imgs/202112/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/e738d0a18b6c4097de3c1cd10e5a2699.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
030c674cf3948117740aab3379049b4a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/030c674cf3948117740aab3379049b4a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
48faa555f8149430f7174815bf373340.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/48faa555f8149430f7174815bf373340.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cb2410ab401502c3b601cde9423e5c6c.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/cb2410ab401502c3b601cde9423e5c6c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4aa76d07cfc339394516ee385aad5a8e.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/4aa76d07cfc339394516ee385aad5a8e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bc9ca93eafab70825b460adb96e72249.jpg
static.bg3.co/imgs/202201/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/bc9ca93eafab70825b460adb96e72249.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a045a7917f9570f433776ba43c4f3a0e.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a045a7917f9570f433776ba43c4f3a0e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
11cd9225b64ec69ca292342f1f5ca4b4.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/11cd9225b64ec69ca292342f1f5ca4b4.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a4f2e81d200854833ad9f98dbf800d8a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/a4f2e81d200854833ad9f98dbf800d8a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7d65bd5f48dc11950762715b01b54794.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7d65bd5f48dc11950762715b01b54794.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
89bd1661cf469eb9390e6891448788d6.jpg
static.bg3.co/imgs/202204/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/89bd1661cf469eb9390e6891448788d6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
897d1b6ad6c3f125aaec08e09a3444eb.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/897d1b6ad6c3f125aaec08e09a3444eb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2d9f2b9545207b04af5f6e99af94eb89.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/2d9f2b9545207b04af5f6e99af94eb89.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1c4650a264630a4d596339a7d0bea1ad.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/1c4650a264630a4d596339a7d0bea1ad.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
592ef6862207a2cadd687246d57d89aa.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/592ef6862207a2cadd687246d57d89aa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dead7223960c14d996503db78b522848.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/dead7223960c14d996503db78b522848.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c179fd45253101eea2e5dc377fecc523.jpg
static.bg3.co/imgs/202201/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/c179fd45253101eea2e5dc377fecc523.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8a18a68d72fcb254065258d9ffba43bc.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8a18a68d72fcb254065258d9ffba43bc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a2f6dcb50531dc8980f68638a9acf6e9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a2f6dcb50531dc8980f68638a9acf6e9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e54b6e8f7511569a96ac368c0d1f888f.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e54b6e8f7511569a96ac368c0d1f888f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e64ade74b4341d0ca83f20035518eb88.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e64ade74b4341d0ca83f20035518eb88.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
fda78dd6d350cd0f3175f0b9f88accd05c1a821199d84b63d9680553d501bc1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 23:41:51 GMT
age
77158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2997
x-xss-protection
0
server
sffe
etag
"b5d6bb1d52a8f322"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 23:41:51 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3c1886ac9867da46d6c05ca1a0df4d0634b055826d142b12387e0b4fb483ae39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 23:27:19 GMT
age
78030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23047
x-xss-protection
0
server
sffe
etag
"ba2717cd44fdea30"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 23:27:19 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
89a3cd86231932c1f0588ac9327257c7e7102f9a4252fcaa4ad2269c486a53b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
9d10843b73211d37c1e21416b91114de626394eec8fdfd3ee51ad4de8de89107
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 23:23:55 GMT
age
78234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3863
x-xss-protection
0
server
sffe
etag
"409244e9f59114f0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 23:23:55 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:49 GMT
content-encoding
gzip
x-sp-metadata
HS256.CLXstZsGEogBCiRhMzQxMWE0YS02ODM2LTQzZTgtOTA3MS1mYjkwY2Y5YmFiMWIQ6JCNkN3O+gIaBgil0LWbBiINMTE2LjkwLjc0LjE5NiiCowMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDhkYTJiMDMyLTJjOGQtNDMxOS05NGZkLWU1MmVjZjZiY2YwNRib8QE=.n/nIW9w/eqdDsIvzx4WP75yKlauDGh+JUx3w4+kup8s=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1668114469.dop206.la3.t,1668114469.cds236.la3.hn,1668114469.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
963
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQSnG485L40anMKY2W5hMBLSbXE2lgTEthOExvb81b1AXvmfcdFz1lta01pmJzXq%2FIFe3Wo6z%2FEhtGycwa%2Bz36NVgEDPUDzYUL97jbCiYSkLzkEtUEEJl%2BfSfJ09wL2RVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7681c2850a05a862-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:49 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:49 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.06483344780022171&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:48 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.4991423251990803&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:49 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:49 GMT
content-encoding
gzip
x-sp-metadata
HS256.CLXstZsGEogBCiQ0NWEyOTkxZS03YTk0LTQ2MjktYWJkOC02OGZkYjI5MWMzYjcQ6JCNkN3O+gIaBgil0LWbBiINMTE2LjkwLjc0LjE5NiiCowMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDkzNmRjMTAzLWQwNTQtNDViNy1iZGZhLTYzYmUwZDdkMWMyZhi46QE=.3uILGUgyOmYLDU9aXZzi5Rhycj8Cph7fMOWcP03sDOY=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1668114469.dop206.la3.t,1668114469.cds236.la3.hn,1668114469.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
init.js
cdn.holmesmind.com/js/ Frame 6BAF 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Thu, 10 Nov 2022 21:07:23 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
28
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
ovjf8HFYY60wFKG1GnWQgXszGb32sRa3veizzw7xzUroX3DLN5EvBA==
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
92ed147fc15d3c39f07e271e6f81abbc19e102bddfd92deea299d5b84bef38a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 23:23:34 GMT
age
78255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10265
x-xss-protection
0
server
sffe
etag
"23bc4ca8e6d97223"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 23:23:34 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
7b1748e516872d3ec44b5f5dd98131d5cf81f6e1821a7a6d0f886bc28720aa23
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 23:41:05 GMT
age
77204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57848
x-xss-protection
0
server
sffe
etag
"223b6842b827a21f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 23:41:05 GMT
gtag.json
cdn.ampproject.org/rtv/012210272257000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 23:24:58 GMT
age
78171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"0617c6e185be6e0c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 23:24:58 GMT
init.js
cdn.holmesmind.com/js/ Frame A6CB 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Thu, 10 Nov 2022 21:07:23 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
28
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
TQlA-EQTclb_ThYVitZkf_kPzYTnIZvHUH9JJ-JFpvXbadI_6_Uo2Q==
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 21:07:50 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
94168
expires
Fri, 10 Nov 2023 21:07:50 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 21:07:50 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=10
content-length
211
expires
Fri, 10 Nov 2023 21:07:50 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 21:07:50 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
17440
expires
Thu, 10 Nov 2022 22:07:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
36965e85261fd2479e2e9dc7c244c8e724ede0fc8dc428042e323ab4e5e43079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27363
x-xss-protection
0
server
sffe
etag
"1390 / 647 of 1000 / last-modified: 1668081943"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 21:07:50 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:50 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3E2D 		714 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
654
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7681c28c7b1edfc1-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 21:07:49 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utYqF2TGMd%2FLw%2BAHpB8Q577mNuMVmrmEeHCim9cW6hCBniwunvoWOLxgJV9T50mnzzYD1z7CVXvFep5ue3aTLCVxn5ZfbFtqLjzvXv%2FoMbYIMcO4d002MgA9QnLB7ExFCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:49 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3A5D 		714 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
654
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7681c28c8b20dfc1-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 21:07:49 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8GVR9VZRyyZ5RVoyOtyFD9fHFTlLgGPipDLQPo0km1ghaBzc7%2BVswLXbFv6LgMPQ9%2F%2FtbbYvz9Xg8oeuVHgxlSC4eaFCGt%2Fdg%2Bkl9BzheJofd9XInY4PysYDWwE90mfEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjgxMTQ0Njk3ODAsInBhY2tldElkIjoiMDAwMEE3MDEtZWMyMzM5NWYtMGQ3MC00OTVkLWExMDAtZTAzOGQzYTQyNjY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjF3dS15aW4tbGlhbmctcGluLXp1aS1yZS1tYWktYmFvLXlhbmctaGFvLXd1LXRvcC01LXdhbmctemFuLWd1YW4tanVuLWdhby1jcC1zaGktZnUtYnUteGluLXRlbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=4486.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjgxMTQ0Njk3ODAsInBhY2tldElkIjoiMDAwMEE3MDEtZWMyMzM5NWYtMGQ3MC00OTVkLWExMDAtZTAzOGQzYTQyNjY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjF3dS15aW4tbGlhbmctcGluLXp1aS1yZS1tYWktYmFvLXlhbmctaGFvLXd1LXRvcC01LXdhbmctemFuLWd1YW4tanVuLWdhby1jcC1zaGktZnUtYnUteGluLXRlbmcuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=4486.900000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgxMTQ0Njk3ODAsInBhY2tldElkIjoiMDAwMEE3MDEtZWMyMzM5NWYtMGQ3MC00OTVkLWExMDAtZTAzOGQzYTQyNjY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjF3dS15aW4tbGlhbmctcGluLXp1aS1yZS1tYWktYmFvLXlhbmctaGFvLXd1LXRvcC01LXdhbmctemFuLWd1YW4tanVuLWdhby1jcC1zaGktZnUtYnUteGluLXRlbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=4487.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
4838
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Fri, 11 Nov 2022 01:07:51 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgxMTQ0Njk3ODYsInBhY2tldElkIjoiMDAwMEE3MDEtZWMyMzM5NWYtMGQ3MC00OTVkLWExMDAtZTAzOGQzYTQyNjY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjF3dS15aW4tbGlhbmctcGluLXp1aS1yZS1tYWktYmFvLXlhbmctaGFvLXd1LXRvcC01LXdhbmctemFuLWd1YW4tanVuLWdhby1jcC1zaGktZnUtYnUteGluLXRlbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=4492.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgxMTQ0Njk3ODksInBhY2tldElkIjoiMDAwMEE3MDEtZWMyMzM5NWYtMGQ3MC00OTVkLWExMDAtZTAzOGQzYTQyNjY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMjF3dS15aW4tbGlhbmctcGluLXp1aS1yZS1tYWktYmFvLXlhbmctaGFvLXd1LXRvcC01LXdhbmctemFuLWd1YW4tanVuLWdhby1jcC1zaGktZnUtYnUteGluLXRlbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=4495.199999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:50 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 10 Nov 2022 21:07:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1668114469810
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.171.120 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-120.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 21:07:49 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8
accept-ranges
bytes
content-length
631
expires
Thu, 10 Nov 2022 22:07:49 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-35465494912996878335.ampproject.net/2210272257000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-35465494912996878335.ampproject.net/2210272257000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3E2D 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
36965e85261fd2479e2e9dc7c244c8e724ede0fc8dc428042e323ab4e5e43079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27363
x-xss-protection
0
server
sffe
etag
"1390 / 655 of 1000 / last-modified: 1668081943"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 21:07:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3A5D 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
15bcadb21c1c7bbdb452fef43f73bd090f4ba0269a4bf58cf8fe64542d7c3f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27363
x-xss-protection
0
server
sffe
etag
"1390 / 203 of 1000 / last-modified: 1668081943"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 21:07:50 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 3A71 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
9
content-length
4730
content-type
text/html
date
Thu, 10 Nov 2022 21:07:43 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
x-amz-cf-id
WL7iK5lWR7MNh-A8m2X7F9vUrni8ai9_2V0Nq-wVZGYuopRlG_9PzA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 6BAF 		662 B
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:43 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
Eb22jwyoRT7HU3RHjbX_JtL5bAryBWooNzWUXMc8jGpIgTybbuoNiw==
presetfn.js
cdn.holmesmind.com/js/ Frame F050 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
GYiGHmI-Gxd5CAchI38Of408TYNVkLadNpXp8BJVB-BQaifbg1vmSQ==
capmapping.htm
cdn.holmesmind.com/js/ Frame CA28 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
9
content-length
4730
content-type
text/html
date
Thu, 10 Nov 2022 21:07:43 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
x-amz-cf-id
dr84uwwj1O4wpjlRfH_fxnGz_cfkfFpVumuAlgOlhz7dddImKXSqdA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame A6CB 		662 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:43 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
ptMsRQL2pAHeo5LpizZBQdAM0X9_hWBzfgmMbUjkFpNAB68jk7z6pw==
presetfn.js
cdn.holmesmind.com/js/ Frame EE62 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
XZAB_RqD7N2aKbz8wZwYajtyXpF9XVvhtACLhJCTP5sN6NaQyT84uA==
cm.php
fcm.holmesmind.com/ Frame 9FB0 		39 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:53 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 3A71 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 21:17:51 GMT
cm
c.holmesmind.com/ Frame 3A71
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 10 Nov 2022 21:07:51 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame F050 		1 KB
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-124.sin5.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:04:23 GMT
content-encoding
gzip
via
1.1 682a73fb2198f321ef89332a6cb933ee.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN5-C1
age
207
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
_b5IdZrWFzTK9BQteF9bJKp488zq6vRYpQOsAVk2uKXheON8GfU0Zg==
cm
c.holmesmind.com/ Frame CA28
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 10 Nov 2022 21:07:51 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame 7718 		39 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:53 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame CA28 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 21:17:51 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame EE62 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-124.sin5.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:04:23 GMT
content-encoding
gzip
via
1.1 682a73fb2198f321ef89332a6cb933ee.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN5-C1
age
207
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
qLmOTBzbgnXDW2ouJP_c7vu98FZdyzTzaAE7jV_FH-KHDibLgVYAEQ==
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=2021%E7%84%A1%E5%8D%B0%E8%89%AF%E5%93%81%E6%9C%80%E7%86%B1%E8%B3%A3%E4%BF%9D%E9%A4%8A%E5%A5%BD%E7%89%A9Top%205%EF%BC%81%E7%B6%B2%E8%B4%8A%E5%86%A0%E8%BB%8D%EF%BC%9A%E9%AB%98CP%E3%80%81%E6%BA%BC%E6%95%B7%E4%B8%8D%E5%BF%83%E7%96%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-sQbmasO-OozquhJUa0xREg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.07484492581088142&gjid=0.921868747980797&_r=1&a=6217&z=0.46889931004110386&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
etag
"dGMVEkJqMDGUKmTNQCF+Mg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 17 Nov 2022 21:07:51 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6C01 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
34b9ad4d1f0a316301ee8754d5edc256ba50735e9e30ea552743abbdcffbc158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11785
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:51 GMT
expires
Thu, 10 Nov 2022 21:07:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022110901.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 11:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131975
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 09:36:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Nov 2023 11:59:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Thu, 10 Nov 2022 21:07:51 GMT
pubads_impl_2022110901.js
securepubads.g.doubleclick.net/gpt/ Frame 3E2D 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 11:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131975
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 09:36:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Nov 2023 11:59:52 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221110
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc2ce7f1079431f6f9178fd0a22eb376265c6aee52f88f05e5e3c9e98757266b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6175
x-jsd-version
1.0.1520
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4533-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-IXg0MJuBeSvQUhRbLGa222iWzxk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLupG7ibDLTZGXXPQrLHKNFeMiCwJVJ2TmfyhXyYAikzCp091i9BNvCvNBVj5Hs8cXAjGy31G6ilbWM6IJORFdVaDAxPA5De3jusc7jccVCHu1KFy71NCjJpFlTtoTbfQ7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7681c295aca3aadd-SYD
arj
adpushup-d.openx.net/w/1.0/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=be1aedd6-6089-49b8-881b-90ff71361d6c%2C44e025bb-7b9e-4bea-8587-7d28169a5df2%2C8fa38c55-2bd7-4ff7-9167-406cb7afd472&nocache=1668114470966&pubcid=e16de5fc-b721-4906-9b69-8c3024bc0751&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
fa966c6fef4a60d4b82026ae6a56b60dcda31062b61d89c06ee529ebc4081557

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4634
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=805ce2f0-87d2-4acf-b465-0e1a8b8bb3f7&nocache=1668114470967&pubcid=e16de5fc-b721-4906-9b69-8c3024bc0751&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f524ee39-a662-43b6-aae7-2ddcd594e916&nocache=1668114470967&pubcid=e16de5fc-b721-4906-9b69-8c3024bc0751&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=44f424a6-a25a-465f-be6b-2c3519eec6d5&nocache=1668114470967&pubcid=e16de5fc-b721-4906-9b69-8c3024bc0751&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2284687173d48507%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22153cc75dd0f428d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22189b098475fb75b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22193673c1ce46c41%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e16de5fc-b721-4906-9b69-8c3024bc0751%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b093f197371c0571499c72a87f7cffe71da3c92abaa997faa322ae1c9011aadc

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJM9OUAN0rQioU0pfSMGbt1iq0j37n8a3x8wIffHlXLgRB6LJQRp5I%2BsF9V3kdF9OM6Nlc3pNdFaFX0EJzE3YdjJBfzQaV%2FHXMT6s36XPe3AGg%2FXBp7tJ8LNLcivHMn2fgy79JKa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7681c2959b53fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2284687173d48507%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22189b098475fb75b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22193673c1ce46c41%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e16de5fc-b721-4906-9b69-8c3024bc0751%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b093f197371c0571499c72a87f7cffe71da3c92abaa997faa322ae1c9011aadc

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6fJGEy7j286hgP4V%2FtmqdR5%2BrD9BjUP67bp%2B27wtq1NH19BIHsMr%2BXKkt5xnF5u3bGwH4wXtD1sxu8DKl35AUW0CnOBu7i325FRa1nFqqtJCM2nTKEt6KGNnRJSWAtuUlQR%2BEQB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7681c2959b55fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid-request
a.teads.tv/hb/ 		16 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.47 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 10 Nov 2022 21:07:52 GMT
prebid
ib.adnxs.com/ut/v3/ 		377 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0e9ee67a77f6247ad33e28d7f97576cadb449f7bc925719c995dbb030bc2f07c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:51 GMT
AN-X-Request-Uuid
65aadc20-3c08-4e60-b657-eed6da661683
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
377
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cdc2b7d18ef7a5fdb1049f1ff8d9da243edfd22274875f9a75e23932a04c01ab

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 10 Nov 2022 21:07:51 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
adreq
ads.servenobid.com/ 		717 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3368
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=56667333016
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 21:07:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.173.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-173-93.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.206.37 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-206-37.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d50cb19b0ef8095ffca4eb5a2316bcb2ffb1cd990976fbe0d4df9ab8ef3b620b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.206.37 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-206-37.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
b2d37eb29de4816d5b8e770ab5290b0bc02f47b852cd98ad7e3883ebc8fafb00

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.206.37 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-206-37.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4f5e727a9d7b03885da2c56f5068d2c2a2c7bbcd4327f4a8a2de58fa554b895d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=e16de5fc-b721-4906-9b69-8c3024bc0751%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=f15ecad8-3e3d-4f74-b7bc-d2a90d088f3e%3Bca5e4642-6cc2-47bd-84e6-6875f5d62e9e%3B72776d99-cb1f-463d-8b61-775f2812f0a6&l_pb_bid_id=57666ac861ee30a%3B58920fcc9fc473a%3B598a8e9cfdd7c42&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.2994740697852052
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
de4d3a5ffa4d0f171771e3ca4db9e3a038910a2037520bf6edef524738bf5cf4

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.91.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-91-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
16
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 10 Nov 2022 21:07:50 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid
prebid.media.net/rtb/ 		1 KB
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fce0c659d4131d823933f1ab4eb84806ea70b12514c87912d14b0e660048fe57

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
97
alt-svc
clear
pubads_impl_2022110801.js
securepubads.g.doubleclick.net/gpt/ Frame 3A5D 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070812
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131898
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:38:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Nov 2023 12:01:14 GMT
ads.js
ad.holmesmind.com/adserver/ Frame F050 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&n=42&o=1&d=1&b=2&ts=1&ii=2&FPCK=2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ebffb5b1bb660eecca9eacabf7ce6224148d02b146ac0a77dddfa09a64ce807a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame F050 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
8
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
KxlDrCPR7rA1nIZkGObSKJbZkRLpBTb777SkLp0z5aUwDt3PaI17tA==
publishertag.js
static.criteo.net/js/ld/ Frame F050 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 21:07:51 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame F050 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
8
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
MRBR2d9qbS21vniw5JNymnwA2tECbGmNUtTJTmyX5nxnk-SLkDyyTQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame F050 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:20 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
57
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
MvipHrYlaEmwvVBbZhsl7naH_HmVLk76ED3J6J17aLnjJO1t8YCALg==
appierV2.js
cdn.holmesmind.com/js/ Frame F050 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
8
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
F3lEiROUbFShp4D7_gDTknybmGtz6pmOPvnxbjzZyIP6Txjpr2dU1g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame F050 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
20
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
b2tNcxGexIe4udJ9VfxofzU4duiqqIUL4AkG-KN125OchHCBHTlhkg==
ads.js
ad.holmesmind.com/adserver/ Frame EE62 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&n=787&o=1&d=1&b=2&ts=1&ii=2&FPCK=2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a22c4379a72780394819a42e4a91f08ab18186fbc2aeaa6f499dee237e348983

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame EE62 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
8
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
rH-9O8fph6QJV5-Bqnv9aVlG-gC9IKB4MTtu1uDdoE3UgCOb7jO83Q==
publishertag.js
static.criteo.net/js/ld/ Frame EE62 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 21:07:51 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame EE62 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
8
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
F6TAB9jehkNXZeJXmG3ne2vZ3p-xR3BVdSnTh84MIKDUB_eNv66duQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame EE62 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:20 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
57
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
86GtAG5XTNzNuHYNvz42KuSjHYcRUgXkjFPedqorbX1yu05GqWMctA==
appierV2.js
cdn.holmesmind.com/js/ Frame EE62 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
8
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
UlJUgMjBnlLoyEx35NBlagPr7UyRDnI-jTpIW9vzQxtTrVPmZupYXw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame EE62 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 21:07:46 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
20
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
yr_-zWMkOwZl-z0LqMth5wufxdfy9GjaoAofX9rsvxcErdV8Vm744w==
/
t.ssp.hinet.net/ Frame CA28 		37 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
2238ad5567c5fac17e4d86c0c9eee7fa8c3b37ac1e25817082b7a290a40d3fac
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 3A71 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
32bad9d978b91acf980046287d7b0db7a7fe4cd06c4aae6429a4a42e76c84fe7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
landing.php
fp.holmesmind.com/ Frame 800A 		0
0
utag.js
t.ssp.hinet.net/ Frame F050 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 21:17:51 GMT
landing.php
fp.holmesmind.com/ Frame F651 		0
0
utag.js
t.ssp.hinet.net/ Frame EE62 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 21:17:51 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame F050 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 21:07:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame F050
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vH09hgdHAhqh8lEeKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=vH09hgdHAhqh8lEeKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=vH09hgdHAhqh8lEeKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame F050
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=BYLayggpAPOpx85KKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=BYLayggpAPOpx85KKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=BYLayggpAPOpx85KKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame F050
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dl3S0fMlAoG0SWTtKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dl3S0fMlAoG0SWTtKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dl3S0fMlAoG0SWTtKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame F050 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7250036179422934
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame F050 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8850541990178982
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame F050
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vDWQwVgxDJeggl1NKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=vDWQwVgxDJeggl1NKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=vDWQwVgxDJeggl1NKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame F050
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=8pUZKX1kAaOgdPHeKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=8pUZKX1kAaOgdPHeKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=8pUZKX1kAaOgdPHeKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame EE62 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 21:07:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.164.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-164-73.bkk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 20:24:02 GMT
via
1.1 8fe62c8badafd5f0970a029ad5f34914.cloudfront.net (CloudFront)
x-amz-cf-pop
BKK50-C1
age
2631
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
3sIP0Wh0MmcfWAr4uYG40gL_7P_Lz1DfRenBVoGnAr7D_2HWZ4KszA==
prebid.aspx
prebid.scupio.com/recweb/ Frame EE62 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.313464671204819
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame EE62 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.976777159400019
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame EE62
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=gATdjJWGANKfItVCKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=gATdjJWGANKfItVCKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=gATdjJWGANKfItVCKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame EE62
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=3eo_t1ZsCWOHLbDvKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=3eo_t1ZsCWOHLbDvKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=3eo_t1ZsCWOHLbDvKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame EE62
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=tMSEmq0FDsyJlCNCKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=tMSEmq0FDsyJlCNCKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=tMSEmq0FDsyJlCNCKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame EE62
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=6Ja0ILDSBXK2SfpyKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=6Ja0ILDSBXK2SfpyKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=6Ja0ILDSBXK2SfpyKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame EE62
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=_wSXjIuSB4eMb_DEKGhtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=_wSXjIuSB4eMb_DEKGhtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=_wSXjIuSB4eMb_DEKGhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
emome2
t.ssp.hinet.net/ Frame CA28 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=43a3beff-9f0c-4b97-8d97-5e041adbf71d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 3A71 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=6fb072e4-4c1e-431c-a844-c55c93891445
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame F050 		36 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
2b21f4d2f2e77d87240629cf2e5cc47363788802f79274dfdf0e01773f2eca7a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame EE62 		36 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
2b21f4d2f2e77d87240629cf2e5cc47363788802f79274dfdf0e01773f2eca7a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
afr.php
ads.as.criteo.com/delivery/r/ Frame 230A 		51 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
df0ac4d49013acdf8664cdc55284bfec2b682ff56860a0a45bce97c9d00bcd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=jJo7TKkrtXZq4RRf71J6B7Mhdcz6Zn-k-FPjkxkCtKbcMAEdiA4GiY3_r1JAMxS0lMkTTCBVTnWN_pwyhRhQ2oNahTQh810_Dn-MG30e-43XkAGX1GKD5r8oxrV8ny4am_TqfDX4k0q522c0wJ9KN1EM5DTYF4T3rX9LVNv4gnmttnOALSqtPbLXSw0E_0bggfhgBHeE9boSzkO8sPmNCO3OsUsdx3-B0jis1GIf9PPBtoQmdl1MyBH7rwGkk8pSNkAOWQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5520660
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 20B9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:23:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
74684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:23:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 20B9 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 01:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
70254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 01:36:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20B9 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 20B9 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CnawCJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSQAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar4zVKpX9WhSyHaCTGQpuiiorDKe2V8i0G9IZdtV90shZUsnh6RVjegAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMjE2MjMxOTM1NzEzMDM4GAA&sigh=K94JGMbHZY8&uach_m=[UACH]&cid=CAQSGwDq26N9Ch9YntnQaXJZOqum7_ytwJYSHJn1fhgBIBM&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 10 Nov 2022 21:07:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 10 Nov 2022 21:07:52 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 20B9 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kcz_FKOzWawC-gFi-C0SAgAAAOoeEzCFSzSxX721iRAnaG1j5nAWMscA3ejJeisAEgAA&wp=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
166534
content-length
0
integrator.js
adservice.google.co.nz/adsid/ Frame 3E2D 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3E2D 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3E2D 		499 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2017014597017491&correlator=1338644276124008&eid=31070747%2C31070837&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668114471806&lmt=1644386353&dlt=1668114469920&idt=1871&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=t24eq5bw4mh3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=897867407.1668114472&ga_sid=1668114472&ga_hid=1063465115&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
2073a3508a01afc475ea2d624503aa832e60d3c6c0c78df40ece7170f24d88cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6cf59245a9f875c35fded5efdce5f28a.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 70BE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6cf59245a9f875c35fded5efdce5f28a.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:52 GMT
expires
Fri, 10 Nov 2023 21:07:52 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
emome2
t.ssp.hinet.net/ Frame F050 		30 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=6fb072e4-4c1e-431c-a844-c55c93891445
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame EE62 		30 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=6fb072e4-4c1e-431c-a844-c55c93891445
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame F050 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&n=42&o=1&d=1&b=2&ts=1&ii=2&FPCK=2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:02 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
56
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
4rYfFMjjhEPmVP8SRZNdfOv9Sz5sfde9rTbMJVrQE2b4thz_YAhyBQ==
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIxMzE4NjdfMTY2ODExNDQ3MjAwNSIsInVzZXJJZCI6IjQyNjg3OF8xNjY4MTE0NDcyMDA1Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiODM2Mjc2XzE2NjgxMTQ0NzIwMDUiLCJwYWdlUGF0aCI6IiUyRmElMkYyMDIxd3UteWluLWxpYW5nLXBpbi16dWktcmUtbWFpLWJhby15YW5nLWhhby13dS10b3AtNS13YW5nLXphbi1ndWFuLWp1bi1nYW8tY3Atc2hpLWZ1LWJ1LXhpbi10ZW5nLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGMjAyMXd1LXlpbi1saWFuZy1waW4tenVpLXJlLW1haS1iYW8teWFuZy1oYW8td3UtdG9wLTUtd2FuZy16YW4tZ3Vhbi1qdW4tZ2FvLWNwLXNoaS1mdS1idS14aW4tdGVuZy5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6ImRlc2NyaXB0aW9uUGFnZSIsImV4cGVyaW1lbnRQYWdlIjp0cnVlLCJ0aW1lc3RhbXAiOjE2NjgxMTQ0NzIwMDV9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvMjAyMXd1LXlpbi1saWFuZy1waW4tenVpLXJlLW1haS1iYW8teWFuZy1oYW8td3UtdG9wLTUtd2FuZy16YW4tZ3Vhbi1qdW4tZ2FvLWNwLXNoaS1mdS1idS14aW4tdGVuZy5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvMjAyMXd1LXlpbi1saWFuZy1waW4tenVpLXJlLW1haS1iYW8teWFuZy1oYW8td3UtdG9wLTUtd2FuZy16YW4tZ3Vhbi1qdW4tZ2FvLWNwLXNoaS1mdS1idS14aW4tdGVuZy5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=17, origin; dur=216
content-length
555
expires
Thu, 10 Nov 2022 22:07:52 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame EE62 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&n=787&o=1&d=1&b=2&ts=1&ii=2&FPCK=2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 21:07:02 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
56
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
f4OqLeCk-ShXTWP_Q2ASiSBvxXJDuW8S8MTwEwietpNnc44TdmiyGQ==
cm
t.ssp.hinet.net/ Frame F050 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=4967-pHwpMgtIGajgBzTHsRx0xTNJR2IFG1xF&mp=6fb072e4-4c1e-431c-a844-c55c93891445
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
6fb072e4-4c1e-431c-a844-c55c93891445.t.ssp.hinet.net/ Frame F050 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://6fb072e4-4c1e-431c-a844-c55c93891445.t.ssp.hinet.net/pixel?bd=6fb072e4-4c1e-431c-a844-c55c93891445&t=50ef57&referrer=https%3A%2F%2Fwww.bg3.co
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
6fb072e4-4c1e-431c-a844-c55c93891445.t.ssp.hinet.net/ Frame EE62 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://6fb072e4-4c1e-431c-a844-c55c93891445.t.ssp.hinet.net/pixel?bd=6fb072e4-4c1e-431c-a844-c55c93891445&t=50ef57&referrer=https%3A%2F%2Fwww.bg3.co
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame EE62 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=4967-pHwpMgtIGajgBzTHsRx0xTNJR2IFG1xF&mp=6fb072e4-4c1e-431c-a844-c55c93891445
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame F050 		177 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=65317402942
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c39ef5c9f962bed009fa52d7e2a30b91554eb8e8805c28062f881a0c760a3d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
162
cdb
bidder.criteo.com/ Frame F050 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=7216866659
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
fc9fd290efae96d0a0b5fdf757b3cd6a746e13624527a7fc742ad14451124ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
integrator.js
adservice.google.co.nz/adsid/ Frame 3A5D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3A5D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3A5D 		499 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2706906081547267&correlator=3088265815043460&eid=31070812%2C31070112&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668114472156&lmt=1644386353&dlt=1668114469930&idt=2206&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=rhcyzrnbco1e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=436027965.1668114472&ga_sid=1668114472&ga_hid=533904767&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e4b826d6bfab5b6c580c7454d363107b3d5c4774680c1528bcc6cd0805be9e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4d90290c27e89bcfa83106bb27daa176.safeframe.usercontent.goog/safeframe/1-0-39/html/ Frame 8965 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4d90290c27e89bcfa83106bb27daa176.safeframe.usercontent.goog/safeframe/1-0-39/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070812
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:52 GMT
expires
Fri, 10 Nov 2023 21:07:52 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=1818154043;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html;uh=e51ed67dfb8d91...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1818154043;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1656673778-1668114471388;pbc=e16de5fc-b721-4906-9b69-8c3024bc0751;ns=0;ce=1;qjs=1;qv=4a00825e-20221110201859;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1668114472176;tzo=0;ogl=;ses=f5a5c65e-8782-4ebc-9e21-4217e8767d74
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		119 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1912620097269860&correlator=3736978149526334&eid=31070746%2C31070790%2C31070837%2C21065724&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-39&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D74d40462552cee5%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D7537c7d8789878b%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1668114472230&lmt=1668114472&dlt=1668114466898&idt=4700&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1490982066.1668114472&ga_sid=1668114472&ga_hid=6217&ga_fc=false&ga_cid=amp-sQbmasO-OozquhJUa0xREg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
95a43f4161fe6b9c9676568c252f1f60b1ac711eef95ad759f028ebc618043ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30301
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame FC3C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:52 GMT
expires
Fri, 10 Nov 2023 21:07:52 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
events
bidder.criteo.com/csm/ Frame F050 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame F050 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
cdb
bidder.criteo.com/ Frame EE62 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=7863780477
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b699e00d325cf47de93d54ff356a3c0dac7de9cc403291611dfe91886347a424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame EE62 		177 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=89601919876
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a27c73819fe99b34fa977efd88545f3a6fd51e7bd5a741ce25f38f0fa7e6630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
privacy_small.svg
static.criteo.net/flash/icon/ Frame 230A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:52 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 230A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 230A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 05 Nov 2023 21:07:52 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
52ea111d025f140e2e86905df4d3d92f55f6542b6b0876a523637d0dcedcf923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78357
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 10 Nov 2022 21:07:52 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS8yMDIxd3UteWluLWxpYW5nLXBpbi16dWktcmUtbWFpLWJhby15YW5nLWhhby13dS10b3AtNS13YW5nLXphbi1ndWFuLWp1bi1nYW8tY3Atc2hpLWZ1LWJ1LXhpbi10ZW5nLmh0bWwiLCJ0aW1lIjoxNjY4MTE0NDcyNDgzfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
server
nginx/1.14.0 (Ubuntu)
truncated
/ Frame 20B9 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d78568ee5a1580188eb3ad7cfa140fa222f344f5bfe3410098d7356f4a45123

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
back_button2.svg
static.criteo.net/flash/icon/ Frame 230A 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 05 Nov 2023 21:07:52 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 230A 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=jrC2VCL_50-dZoR6DeIH6nBYceecF_9k08vIxSyXCwqpKFIuVOPgGWkULCt5h_PbHmkrWUV1Ehj8NuueH3bJKSxFSW8Tg17BJ0MCzZbDwkgIpGAZxaTxHYdtwNBuaUCpaRfwd2IdoZV3fUNeeJaGj72x9E38AUK83_5w5JgNxa-UqOT2x9xYGoHIf2Wutl86TVWGiuNwsCGFi6uX--ZRytvxR9f0vBPuPcwQbigily-HrgIZfGMQx5_VoSYAFxf6fTC7L_Vii_0K0tMavjcum717r3I_Xnuw-30yiBgSUXONBCB3IJh9w0bcncAbh-oCyKNthOJOP7mIytk-DDOEI2Exe57zP5NgArQ_vl5czji8W46Igc_b49YKrPrWM2gKiVSoqbHYIPRDXrt4OgI8BPtSWrQugX9HVfqtfnBd9-haMi_V
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2334198
expires
Mon, 26 Jul 1997 05:00:00 GMT
589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
static.criteo.net/design/dt/99951/221025/ Frame 230A 		249 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99951/221025/589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
59137467b97878a05285b5b6ccb9a0e0d0b3453b550ddbb712b220a53e26fb5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 25 Oct 2022 22:30:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6358637d-3e208"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
254472
expires
Sun, 05 Nov 2023 21:07:52 GMT
all
csm.as.criteo.net/ Frame 230A 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=jJo7TKkrtXZq4RRf71J6B7Mhdcz6Zn-k-FPjkxkCtKbcMAEdiA4GiY3_r1JAMxS0lMkTTCBVTnWN_pwyhRhQ2oNahTQh810_Dn-MG30e-43XkAGX1GKD5r8oxrV8ny4am_TqfDX4k0q522c0wJ9KN1EM5DTYF4T3rX9LVNv4gnmttnOALSqtPbLXSw0E_0bggfhgBHeE9boSzkO8sPmNCO3OsUsdx3-B0jis1GIf9PPBtoQmdl1MyBH7rwGkk8pSNkAOWQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 230A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 230A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oJwAFIBcKaNIMAAcRwGNH5ggib5ElyaFbLA&u=%7CTfeaWT5oTmzzGXfUzY1Sz1%2FvBp2PPC2A7xPU7G4l1CQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZNi26Tp2nWmH7FmCFoyWTZR0DEaPJY4cBNMtL7w_nhYjuUVeAXHHc2NVD7knK1v_LOgpbV8Vx7DnU8qWA21y4qbxWdGrMSCC_-EAzUzmYyayrVeWG7C7Lk8EzOxKriUEooXeIUQvFa7sE6pDEeazLmbcYMcInBZfvGJe13ToX2UEbrxU5VVag8XqkFP19fgAYw0e-6sYwEE3QRj0U07T8gbANMN8PXmvsXw6mTSPT-ZLWajhGKBSvbYyRIWFRlr49QZsHnpSW0LOEFgtjnh9M0EAGIda12fgFUUPz11fLT3qUMmz4tvgdrc8FPy7VC9ILOMaG1DYHNuMpdCpWhfvkGIE7riF6UZhggKyRAwfzngRXsHtS5_98r1uqvEY4rPPCaVdlOsAN3xJ84FSNBu6t4aMUmXsd-HKWzInz34axYIBwd_AInZwYDA7Wgmn0h-RxGBEDA9v_XUqmYuEIph2HEGqw1MZDAxG5a1b7zjeYMfr9Vh7EJDsHC6i8PciYtKvBHJWIf41vkmGT195tdq3ENH6_z_COilfh8PytKjRKMcLz37liY22JJjBCD-vFNxIwuwBCWM8lWRKEWzERjLS7moJerOtLIiI5g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YkEJ2htY5fAFIykowPAo5yIB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmpAjbkEsooGqY-qAMBqgSTAk_QZpdkQYEr0ARA7kfdt-svSM29gnKkBlxNalKQct4BE_IgadKSR2mZ8EesTzCwZkph0coXU2BY_Tp3CjcteQh5crqaVdyUt43TFwdep8U3okl24Um1gG7mROMOKpVWnxahBKuQSDvS17PhLSte5LPARGAOSzf2PEO8lc2lL3vrNTXRsdclcjLde21fF9Wz35VDb_rcQn6FdCGqSRgWY_CXBFkCL-wdAzDbW9bZvGKljvZZdq9Furqafe_tv9u8H5ghPIApOJ2iJoX2gbCmodMDN9-Jnhd9eRqVTdVwxAIPUt50nyMLd0Ar43dIhO2zS6X5l6233HD0EEnqPecC-AMeHA6u48W9DAh4qp-R1CYh0lwjgAb5oe3Ut9L53WKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ax0GiRnF5sL-GSJDw-_9wwCbUVg%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:52 GMT
events
bidder.criteo.com/csm/ Frame EE62 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame EE62 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3E2D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ed6fd8d6502bf0dd88361884fcbdde01bea48eccb8d385078980bebf9a46c522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12371
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame 8420 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:33 GMT
age
273380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 8420 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:33 GMT
age
273380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 8420 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:33 GMT
age
273380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 8420 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:33 GMT
age
273380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 8420 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:33 GMT
age
273380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:33 GMT
css
fonts.googleapis.com/ Frame 8420 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 19:13:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Nov 2022 21:07:53 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8420 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:44:18 GMT
x-content-type-options
nosniff
server
cafe
age
33815
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Fri, 11 Nov 2022 11:44:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8420 		344 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 20:28:03 GMT
x-content-type-options
nosniff
server
cafe
age
2390
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 11 Nov 2022 20:28:03 GMT
l
www.google.com/ads/measurement/ Frame 8420 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4vWbLjwd5iJfHAdyy3mhy69Xq9y0kRuogPOZrNupeTxFpdK77mEmS3smLppd1qyG-WZM9XWyEQMTUnU9iIWGMhUzF5w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 8420 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CytA2KGhtY4jTGM60vgTnoayIBuG73cRrqI_l-6IL5pHgl8cvEAEguoTAM2Cr7LGF4BigAfnHt4IDyAEJqQIJ3iQEbiekPuACAKgDAcgDCqoEzQJP0NpnE-0zIGG-Teo4rFnsjaIZYmNYljeIZU3SW4mEJrygK3E09MXCgiU5gGw_JvqxeXI1gKvQigRAuaeUEYYnruJZ5nn4GUIsawJwhgjAfGFMb3dz_ju-6i7qi6JCKkVw9Zc7wfqfldbtzE8_CwHEImqcIG1-sPHi9J70SRmI-30zmUuX7tTExl2KW_PtttLPlgT7drn6vJnCAo27c7z_BfD_isIAhRARoqwsJBpeAd9G9DlCFkbX_58TWOuweBiaLSlhjgBiqYJnKVXarITV2P6JEH119i3iHgSE-X-vaJdJQY6qxS4qYjeVK-FekMJ5_VF9dIEr77usMLp1GzA252Zb9HO7e7L-SxGU8sHmoV2oSLFUDn0IbmCxF16e_jRrzgHRuxeSctMqfGRd-F7MmdDVc3alXnf0ZhPJ0hn419vFhM0rfo5jvJ28A6_ABLrF-_D3AuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfvt8h9qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0LYB0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMNiBQR0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=1OVcVqJC6bk&uach_m=[UACH]&cid=CAQSPADq26N9UW9lq6YW32gwgOIJnlSNqa5Ftk5PPmGl7XXDiIADwLXhvrwnuMZ5lp80PB5G-vF45w5lrePl3RgBIBM&template_id=5000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=7567.699999809265&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiI0OGZkNWYzNS1kZmE3LTRlNDctODQ0OC0xZTk3OWJlYTkyZWQiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWVjMjMzOTVmLTBkNzAtNDk1ZC1hMTAwLWUwMzhkM2E0MjY2NiIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODExNDQ3Mjg2MX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 21:07:53 GMT
Server
nginx/1.18.0 (Ubuntu)
downsize_200k_v1
tpc.googlesyndication.com/simgad/15372123380988777094/ Frame 8420 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15372123380988777094/downsize_200k_v1?w=400&h=209
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
982ff00d81991ea6c91cc9c591984c5e744efd338ad55a33b7f4931020a2eb67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22353
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 00:53:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 Nov 2023 21:07:53 GMT
truncated
/ Frame 8420 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8420 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92df956ef7b4af82ea32c728076b655c2896720a1cb70209082230866eb07132

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8420 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cbf9cbf225c591c9cb4555fafd7d778368ad987d601a1e26e1776a30add9db0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 269D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:52 GMT
expires
Fri, 10 Nov 2023 21:07:52 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 574C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:52 GMT
expires
Fri, 10 Nov 2023 21:07:52 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=7597.900000572205&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiI0OGZkNWYzNS1kZmE3LTRlNDctODQ0OC0xZTk3OWJlYTkyZWQiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWVjMjMzOTVmLTBkNzAtNDk1ZC1hMTAwLWUwMzhkM2E0MjY2NiIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODExNDQ3Mjg5Mn0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 21:07:53 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=7598.699999809265&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiI0OGZkNWYzNS1kZmE3LTRlNDctODQ0OC0xZTk3OWJlYTkyZWQiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwicGFja2V0SWQiOiIwMDAwQTcwMS1lYzIzMzk1Zi0wZDcwLTQ5NWQtYTEwMC1lMDM4ZDNhNDI2NjYiLCJjb3VudHJ5IjoiTloiLCJzaXRlSWQiOjQyNzUzLCJ0aW1lU3RhbXAiOjE2NjgxMTQ0NzI4OTJ9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 21:07:53 GMT
Server
nginx/1.18.0 (Ubuntu)
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame CBE6 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
7d87f62f95256c5f24a92d25bb2320da4b98501415c59425a9d8c59ee48b13cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39916
x-xss-protection
0
server
cafe
etag
9393706207428535318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 21:07:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3E2D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:53 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 04B2 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
f115b3cea541e8397ba745d8dd224bbbe30a50e9e318f81f34cdee2aaedca18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39938
x-xss-protection
0
server
cafe
etag
1466528642037500982
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 21:07:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3A5D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
d91801c6714d7619533ad7512ae9b8588d51e38b70e9bfc6739a5ee7d5e8359f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12440
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/ Frame CBE6 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js?bust=31070830
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
d1e42ca077348ce1f284a0e106d6c501b2735ef1f8404da46f863d48a809767d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119493
x-xss-protection
0
server
cafe
etag
11250998438811334411
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 21:07:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3A5D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070812
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:53 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/ Frame 04B2 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070723
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
180da74ce9375ca42602791a0da2469f12bd1893cca6c842d6261047f6f05905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119480
x-xss-protection
0
server
cafe
etag
8386708161808089759
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 21:07:53 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 269D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CikhZKGhtY4nTGM60vgTnoayIBuna08xryKCQzssQwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAmkLC8Pf32A-4AIAqAMBqgSyAk_QS3uC9yFrIP5uk8aiWD06dBejsiNCqpDHj50HygsF79iTucdzOib146IlAEItUJqwlo8aTNYFF2sg69IoF8gbfLBlMGT7h8ehdKFwgHDDm2Sq34qibspa6B052Ihm7gwIOHQ3Z1a1Kgi8YubmTtw4e_SoW4jtpZLVjqoWVSFMkm61z2ubgJ3dlknSLQtJjPEf5niNhvfKvprS1ZktLKkp1R_Xdi3Zc2zt6T3bOu_jerOB6NGHtIrWf3b1sQZjzJ9S-BbFnaTTTh6glk9YEB9dGP1_Y8pIn1sZ7QHIYq3zalf2cJylZ4AQ8pbeEl86ZHmzr4Dw4FttmJRzRrhOQfEBsPH3iVO5ru8r9nZ3Kuy_6pCXOBK0OsQIG2YeIE0HeXEJr1SNDbjeC3VWe0RJc0KfBeAEAYAG6ub_wuyowur2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=SjBIwwcNMi4&uach_m=[UACH]&cid=CAQSPADq26N9UW9lq6YW32gwgOIJnlSNqa5Ftk5PPmGl7XXDiIADwLXhvrwnuMZ5lp80PB5G-vF45w5lrePl3RgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
winshowimg
theta219.rtb.appier.net/ Frame 269D 		42 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://theta219.rtb.appier.net/winshowimg?bidobjid=tkKvt4LJBfan0Go-KGhtYw&reqid=onp7rfoygvk5oZ3vBG5ksQ&cid=fcXwMB2nTs6cVrthL4rb7g&crid=pvkqL1CYQNqIOHmY4Qm7cg&partner_id=03mSf3HNecb-&bx=Cylxwnu_oPosKqIV7qfP7Pus7r6s2rM-ujiqwyu_uYz_u1x1UDo121lDc8Q1K4lEZ4u_uqGV71Qzo4QD74Qxu1x1wmQ121l13Po9wmA1K4lNU1u_uYljoyzqUylO&impid=1&ui=CyljUmOjUbisc8M121l0MIirtI-WZY3MtslbCI3TCgJ82iinIs3foII1eM&consent=1&ddhh=ordW7M&price_encoded=Y21oKAAGKYkKj5pOAAsQ54fO6eLZnKjnfc2HBg&cachebust=205476198
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.108.98.205 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Nov 2022 21:07:54 GMT
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
w
vst.c.appier.net/ Frame 269D 		42 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vst.c.appier.net/w?cid=fcXwMB2nTs6cVrthL4rb7g&crid=pvkqL1CYQNqIOHmY4Qm7cg&bidobjid=tkKvt4LJBfan0Go-KGhtYw&partner_id=03mSf3HNecb-&tracking_ns=&ui=CyljUmOjUbisc8M121l0MIirtI-WZY3MtslbCI3TCgJ82iinIs3foII1eM&consent=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.254.153.194 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 21:07:54 GMT
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
gcm
a.c.appier.net/ Frame 269D
Redirect Chain
  • https://a.c.appier.net/gcm?trigger_hosted_sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=X3dTWGpJdVNCNGVNYl9ERUtHaHRZdw%3D%3D&google_redir=https%3A%2F%2Fs.c.appier.net%2Fgcm2%3Ftrigger_hosted_sync%3D1
  • https://s.c.appier.net/gcm2?trigger_hosted_sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=appier_pc&google_hm=X3dTWGpJdVNCNGVNYl9ERUtHaHRZdw%3D%3D
  • https://a.c.appier.net/gcm
42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.c.appier.net/gcm
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
139.162.58.205 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1471-205.members.linode.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 21:07:55 GMT
cache-control
no-store
server
nginx
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.c.appier.net/gcm
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
223
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 269D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=23716808&cmp=187099&plc=6625281&sid=10482&dvregion=0&unit=728x90
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.171.88 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-88.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
moatad.js
z.moatads.com/appierdisplay844822012038/ Frame 269D 		320 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/appierdisplay844822012038/moatad.js
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.229.158 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-229-158.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3eeb055d7d06c17cd648bdc6c32520c00d74a04c86007ed40820b0133ee01c4b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 14:51:04 GMT
server
AmazonS3
x-amz-request-id
VH7PQF11V0W70V4Z
etag
"08f19a6c8c3d644400f119a9a41fe2e7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=23468
accept-ranges
bytes
content-length
111147
x-amz-id-2
kB5OZ+MT3bePUVXIHsRaPxDce06FATQJ6cgBdf1HIZMjCn+rzcpVJu91QPu2gsIyHjYWhELOSKU=
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 269D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
12324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 17:42:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 269D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
12286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7417
x-xss-protection
0
server
cafe
etag
18318620284716439044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 17:43:07 GMT
l
www.google.com/ads/measurement/ Frame 269D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlxZTQy-AHSXw0OXZnstL2_oeBGRDMbCo3iabE7KQ3wG4sVGai7if6TvphAavwVSvNx7Bd2NPwUjXXamXDxB-Q8nPO5A
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 269D 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Nov 2023 19:10:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 269D 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:53 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 574C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFACGKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgSyAk_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOUEzmZioDUzEa_1MeGP5E0pwrWaDGH3PnlgUuaFqcboFTYTIkfzG-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=qjfPd-l-GR4&uach_m=[UACH]&cid=CAQSPADq26N9UW9lq6YW32gwgOIJnlSNqa5Ftk5PPmGl7XXDiIADwLXhvrwnuMZ5lp80PB5G-vF45w5lrePl3RgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 574C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMz_FPn1BnjYBGL4LRICAAAA-ONZtFtuTcMQJ2htY8tGJh1LaVWF4ognABIAAA&wp=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
140645
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 29E7 		46 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
38ee8c2399ccb334265b60b61a53e83a12ba38ea227833abb7447106ec85ac81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=og16U6krtXZq4RRfjIrAa-Ah7OZTj0IEFCU_PgNkRyyU27TrkqyICtcTOOk8gq4a2fB_Kv2cB56p5H8bnZLPetoPhdEA9H8t5sIdKuCfPn9isx_W_2GKuZ4gPi7nnMqqOaKiR8QDzsyAvEEqws6hRSsBALmPbY6GgBq5cSoBt9qHnRc4GB67faSAXvGXsCMyrwqkd3_2hdeMGWQcV0vCGITGXdEpu14NsEZeXlExmsE0L7Y0XrNAlyHlqxhbfvx-W7hf-HgKDSWh8LmT"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4526051
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 574C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
12324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 17:42:29 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B4BB 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
27989
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:21:24 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 13:21:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 574C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
12286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7417
x-xss-protection
0
server
cafe
etag
18318620284716439044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 17:43:07 GMT
l
www.google.com/ads/measurement/ Frame 574C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvYLZFv7vmRLxWQO6pPUYb9n7UpwMv7aggj3zfNGk9DyCWDdUI63wdfk1T3wwHCRSJTjlqB4ItwHUV_ymsRT2ALsZH8A
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 574C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Nov 2023 19:10:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 574C 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:53 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=6217&cid=1490982066.1668114472&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668114473&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&dt=2021%E7%84%A1%E5%8D%B0%E8%89%AF%E5%93%81%E6%9C%80%E7%86%B1%E8%B3%A3%E4%BF%9D%E9%A4%8A%E5%A5%BD%E7%89%A9Top%205%EF%BC%81%E7%B6%B2%E8%B4%8A%E5%86%A0%E8%BB%8D%EF%BC%9A%E9%AB%98CP%E3%80%81%E6%BA%BC%E6%95%B7%E4%B8%8D%E5%BF%83%E7%96%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame CBE6 		210 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js?bust=31070830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
620bff3c9020196c978136024d8f0db053f1fc4d20ce5035403188229c8a6ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame CBE6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js?bust=31070830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CBE6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js?bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DDC4 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js?bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
bfa58d1390a3dcb8f858cc54c5249f1461569a963b1a6d55d4df0078a492fada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12031
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2B1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
179875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 19:09:58 GMT
expires
Wed, 08 Nov 2023 19:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 20DE 		783 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
d64b46dfea210d9a12deeae54f451ae367119ce81eac197fa12ed5d3e4aa7d8d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZGDyD0DXrhZT206Mhgounw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ZGDyD0DXrhZT206Mhgounw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:53 GMT
expires
Thu, 10 Nov 2022 21:07:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1EB3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
179875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 19:09:58 GMT
expires
Wed, 08 Nov 2023 19:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 58A6 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
b448a1e16c1c927fb6883b941fe66c06445b659c36d2f1628e1a76935c46ca2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5EvfertG_2JSs-EMJotFEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-5EvfertG_2JSs-EMJotFEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:53 GMT
expires
Thu, 10 Nov 2022 21:07:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
privacy_small.svg
static.criteo.net/flash/icon/ Frame 29E7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:53 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 29E7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 29E7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 05 Nov 2023 21:07:53 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8420 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 12:49:33 GMT
x-content-type-options
nosniff
age
461901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 12:49:33 GMT
pixel
cm.g.doubleclick.net/ Frame B4BB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENL3ysayPI4yrQTE1vnoEgs&google_push=ASkJ3FbBwEVAcndmlJV1zcCBC7_x4ef089IEMS6m34ant5hO4njXncPkHj...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENL3ysayPI4yrQTE1vnoEgs&google_push=ASkJ3FbBwEVAcndmlJV1zcCBC7_x4ef089IEMS6m34ant5hO4njXncPkHj-GJaXbWfRfBu3LmYBDoBBwCJK-bVRPUSCSMzbxERuR6HPlNfZ5T563EQ7sX59TficoLn3KVkDP7_iYo7sfVSmM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-mel11229-MEL
pragma
no-cache
date
Thu, 10 Nov 2022 21:07:54 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1668114474.109309,VS0,VE476
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENL3ysayPI4yrQTE1vnoEgs&google_push=ASkJ3FbBwEVAcndmlJV1zcCBC7_x4ef089IEMS6m34ant5hO4njXncPkHj-GJaXbWfRfBu3LmYBDoBBwCJK-bVRPUSCSMzbxERuR6HPlNfZ5T563EQ7sX59TficoLn3KVkDP7_iYo7sfVSmM
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B4BB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MN6TSAo9TReGQr4oMwIHIg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MN6TSAo9TReGQr4oMwIHIg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbHPYG2seqiZqdAUiEQ_gC9o3Wfp4ywASjs3xv1UvzrPLV5cGS8Q2uBf6L2GDp2rFEfHc7qlKTzPEFYdBRIsvF8IZRqitTTqmy9pdwLyuGjvwtYKe9-hzmk3Lq2c-F1doKpz_d83SYS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MN6TSAo9TReGQr4oMwIHIg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbHPYG2seqiZqdAUiEQ_gC9o3Wfp4ywASjs3xv1UvzrPLV5cGS8Q2uBf6L2GDp2rFEfHc7qlKTzPEFYdBRIsvF8IZRqitTTqmy9pdwLyuGjvwtYKe9-hzmk3Lq2c-F1doKpz_d83SYS
date
Thu, 10 Nov 2022 21:07:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B4BB
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEGEM_l6QTm-m6-ZFwLhM3FE&google_cver=1&google_push=ASkJ3FYkutEh_q-uID-ygbbAvtncrItjRGfaYNyifbgwXCWGTUR4sLtEbEGIXp_RX6oQ36yxTur3_XFZl7VFp134J...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FYkutEh_q-uID-ygbbAvtncrItjRGfaYNyifbgwXCWGTUR4sLtEbEGIXp_RX6oQ36yxTur3_XFZl7VFp134Jgs9IR-KLuYlZtyTEqcsSizr3d2BB93IKhMo2qaTgB9...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FYkutEh_q-uID-ygbbAvtncrItjRGfaYNyifbgwXCWGTUR4sLtEbEGIXp_RX6oQ36yxTur3_XFZl7VFp134Jgs9IR-KLuYlZtyTEqcsSizr3d2BB93IKhMo2qaTgB9NrJqDm4QCSaA2&google_hm=AUaOfiem-UFjrxvfvzSrfD4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FYkutEh_q-uID-ygbbAvtncrItjRGfaYNyifbgwXCWGTUR4sLtEbEGIXp_RX6oQ36yxTur3_XFZl7VFp134Jgs9IR-KLuYlZtyTEqcsSizr3d2BB93IKhMo2qaTgB9NrJqDm4QCSaA2&google_hm=AUaOfiem-UFjrxvfvzSrfD4
Date
Thu, 10 Nov 2022 21:07:54 GMT
Server
Apache
Connection
keep-alive
Content-Length
275
Content-Type
text/html; charset=utf-8
pub
cs.chocolateplatform.com/ Frame B4BB 		0
0
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame B4BB 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESED53PTR67WwPshyohV74nqk&google_cver=1&google_push=ASkJ3FaPWJgtZwOZ8goRmblDvrVl-1hfDBcvSNhyq2FFw8eHUs1rn_aIAHMzfpkdbh25qo3CfihWcZUhJjkRbtlXJ7RMjn_9vjdUFSOuotb49_pngd1MjRcuj7Ti7w8jI7SYjmcQ4s4BycQ
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
spacer.gif
an.yandex.ru/resource/ Frame B4BB
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESELRzPr9UU88y_onsp_dSl2k?ext-param=ASkJ3FY6oA1eQlOnOlLIWvMSPUYYiV_If7MpN-xy_6tL7eoGerlR4Tztr2-n8DYpgx7F4ahSo-9rnnlOitqx6ZkFPcGgRfvdg1rwfPu_k9wh9WfduLLCvpkSD7O0...
  • https://an.yandex.ru/mapuid/google/CAESELRzPr9UU88y_onsp_dSl2k?redir-setuniq=1&ext-param=ASkJ3FY6oA1eQlOnOlLIWvMSPUYYiV_If7MpN-xy_6tL7eoGerlR4Tztr2-n8DYpgx7F4ahSo-9rnnlOitqx6ZkFPcGgRfvdg1rwfPu_k9wh...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELRzPr9UU88y_onsp_dSl2k&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 21:07:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B4BB
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEPzOL4h9BXQuJD-GFlkYfFU&google_cver=1&google_push=ASkJ3Fbkj0YovYy02R9_W-2vMywqNSBgmKNvTjeMfNzjYslY_7fSsvxHvwhAukLa-28eB8qrenbVQkyXJIKIzrthQwVzUDao0...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3Fbkj0YovYy02R9_W-2vMywqNSBgmKNvTjeMfNzjYslY_7fSsvxHvwhAukLa-28eB8qrenbVQkyXJIKIzrthQwVzUDao0jkOqowDESJLzzMzsnmfeHCq9lAVq...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3Fbkj0YovYy02R9_W-2vMywqNSBgmKNvTjeMfNzjYslY_7fSsvxHvwhAukLa-28eB8qrenbVQkyXJIKIzrthQwVzUDao0jkOqowDESJLzzMzsnmfeHCq9lAVqe2_YZ7PpEb1T1WPaRSGOg&google_hm=bb27a829ff4724e86abfaf639461bd10
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3Fbkj0YovYy02R9_W-2vMywqNSBgmKNvTjeMfNzjYslY_7fSsvxHvwhAukLa-28eB8qrenbVQkyXJIKIzrthQwVzUDao0jkOqowDESJLzzMzsnmfeHCq9lAVqe2_YZ7PpEb1T1WPaRSGOg&google_hm=bb27a829ff4724e86abfaf639461bd10
date
Thu, 10 Nov 2022 21:07:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame B4BB 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L7e0oYUYQ7BfG39sAutuskzQc8iqIIEpCBWODVciExfJWpppy1HQIxmzct6hnVHihegankFnM
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
back_button2.svg
static.criteo.net/flash/icon/ Frame 29E7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 05 Nov 2023 21:07:53 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 29E7 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=DITAlgCpRbeiqdUhLpbMzaRfvMCxLYGGrwLapk4IohxWZT7IEO0wJMGxeY8jsqxoVEyUUgnvC0Ly-fQ2lfTJavdO4-3GD3TeurQD0JYA2w5ZLUmS6CSUMlZz0p-V5MtoQQXRIZVOcdhUx3mUZ5-TbeYKWr51FEQeo_Cn3ay8ZfXL6GevAsmsybtBByv8_L_YcLB9r3partVLWyFDpz4WANwU6WTAUD5wQySw55j8euT03KLgNAEVVWY-ZwV3wdyyBt2XwbgXvetZIt75zVh6P63eZCjOIQqpaUb_C5myjGbEl_Boymtc1xUOJdEjeZ1r9Jk1rcW2SYOr0rjyW3XGmG1Dlf1d_IjKjhD-Am30oBGTuLk9HS6jXVsRVl83qRQlWMmq5QRD4uWP0ZhYNozbxvp6r2yk9bhyIkV3RYFtbs1AIute
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3351782
expires
Mon, 26 Jul 1997 05:00:00 GMT
6e98b2cfec6c4c9dbc2e5a5d5913cb7d_image_ad_120x600.jpeg
static.criteo.net/design/dt/99951/221025/ Frame 29E7 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99951/221025/6e98b2cfec6c4c9dbc2e5a5d5913cb7d_image_ad_120x600.jpeg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
d9cf1bdc04ec9e82f94d73bc3841aa4dbd39309e1f7f647b7b01108eaad00c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 25 Oct 2022 22:30:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6358637c-3cfdf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
249823
expires
Sun, 05 Nov 2023 21:07:53 GMT
all
csm.as.criteo.net/ Frame 29E7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=og16U6krtXZq4RRfjIrAa-Ah7OZTj0IEFCU_PgNkRyyU27TrkqyICtcTOOk8gq4a2fB_Kv2cB56p5H8bnZLPetoPhdEA9H8t5sIdKuCfPn9isx_W_2GKuZ4gPi7nnMqqOaKiR8QDzsyAvEEqws6hRSsBALmPbY6GgBq5cSoBt9qHnRc4GB67faSAXvGXsCMyrwqkd3_2hdeMGWQcV0vCGITGXdEpu14NsEZeXlExmsE0L7Y0XrNAlyHlqxhbfvx-W7hf-HgKDSWh8LmT&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 21:07:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 29E7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 29E7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:53 GMT
truncated
/ Frame 574C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca0404884e5bc4e5fe03fc250e28205df4490a2a3fa71cefe279a0ba3ce35011

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 04B2 		210 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
1585c46b01f38eed21e4ee53e347673bdfc3fc7dc397a8d5d7a2a3c30a0b9611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 04B2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 04B2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wBT9VwPyJuM78oeerDeQvvTsiGDdzCr3leWIWBFN.html
adx.holmesmind.com/adx-file/20221110/ Frame 1545
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=ht...
  • https://adx.holmesmind.com/adx-file/20221110/wBT9VwPyJuM78oeerDeQvvTsiGDdzCr3leWIWBFN.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/wBT9VwPyJuM78oeerDeQvvTsiGDdzCr3leWIWBFN.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1243
content-length
673
content-type
text/html
date
Thu, 10 Nov 2022 20:47:47 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 10 Nov 2022 10:55:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
x-amz-cf-id
zLkE8y4x60ZF38_GAxOhJullIO5z22NoVCHxJuvDkJYhwJrzgli_vw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
CvfRmlfsN6cZQ.QtgM2stS8raRAlV06x
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:55 GMT
location
https://adx.holmesmind.com/adx-file/20221110/wBT9VwPyJuM78oeerDeQvvTsiGDdzCr3leWIWBFN.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 21:07:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 20DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110901&jk=2017014597017491&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 58A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110801&jk=2706906081547267&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame C2B1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 1EB3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame DDC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
12325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 17:42:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame DDC4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
12287
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7417
x-xss-protection
0
server
cafe
etag
18318620284716439044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 17:43:07 GMT
l
www.google.com/ads/measurement/ Frame DDC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmI8xN1vKUkHG1GuqxCqfSXtHJvtLLRJKw2GznUBVIXSfGUNoqiuwWx6m-kCgu134KdWe7Umxn60g64Iq2y3VCSsPyQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame DDC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjqoQKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEigJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaojBzhWM6DcOpVkvGVppMeDvA3UhJ5oxWQpcGNkWG8oI_pstnRAlIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=KZr72PO_IOQ&uach_m=[UACH]&cid=CAQSPADq26N988h78wolDY3zeKgQee8ShrM_twRlC5LPNxbbL_lsk27imWaawBiNafQo9bj250P1aYgrhOHP3RgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 10 Nov 2022 21:07:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame DDC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-CGEp_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQKWhtY8nmLjeLvAlSha6GABIAAA&wp=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
159931
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 47D4 		180 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
988bdc7e08d1098034e64026c476192d1118dec005282e25758ff622f581d516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=EE6cHKkrtXZq4RRfM66Jg_0_dWSKCvo6wM2EpYe-8inS0HBR2bb7FpkteKBS3ijhZvT8Oft7xo65L30rHp_WP8QrnxbEb3xkoiHe82Sa8YMGZMyUptoIa1IYPYsvs4JuTcDRDrHut3a8llOFKAREjReb7-G9ESzhxFGo0ny-FFdZHE3ssRdbHeLZ45RQPIVph4KcvkNpGZfbskMNcTvCMK-nXMDHeXd2ENFoYJCOSa4AvARgsb_P7XpwBCXuclPh8mxWe5NqljbnPMv2"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
65235447
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EEEA 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
27990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:21:24 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 13:21:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDC4 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:54 GMT
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame 269D 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=23716808&cmp=187099&plc=6625281&sid=10482&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.171.88 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-88.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 21:07:54 GMT
truncated
/ Frame DDC4 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8241200aa4bc5a8825c62ce3504d7c4a7a338dced63c39f3eb7a594be2b71c42

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame EEEA 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH9CRSC_3HfZ1neD3_nOMRY&google_cver=1&google_push=ASkJ3FZYFjZeRmnkRuM4j8OSrUEBuWlO-CuHsOqUQu5PyJRxjR5NZ-UqN0tFT_1r2FI2u4rNgyOZ8pOroFics-UIh-Sgtpq_jfMNAL_Vg-Wr29e1A9hNVs_cLLteG3e0E7omdhWtwdDEGFE2msU7Kot-Cqo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EEEA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEL8f6PHyTC-NrqqFwOqukjg&google_cver=1&google_push=ASkJ3FacGohdgLoTBYFF9uB_Q8BAPCJPN8aFHM2HSQlmht1hgjzS25_x-P1wFWaf4S7-tCBX4z81VHZYfM0er...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEL8f6PHyTC-NrqqFwOqukjg&google_push=ASkJ3FacGohdgLoTBYFF9uB_Q8BAPCJPN8aFHM2HSQlmht1hgjzS25_x-P1wFWaf4S7-tCBX4z81VHZYfM0er...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FacGohdgLoTBYFF9uB_Q8BAPCJPN8aFHM2HSQlmht1hgjzS25_x-P1wFWaf4S7-tCBX4z81VHZYfM0erXQvBUtLlI5_Q_I0dlp89od_M5UaMUJVNGfVfITdtSJuzHa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FacGohdgLoTBYFF9uB_Q8BAPCJPN8aFHM2HSQlmht1hgjzS25_x-P1wFWaf4S7-tCBX4z81VHZYfM0erXQvBUtLlI5_Q_I0dlp89od_M5UaMUJVNGfVfITdtSJuzHaNAoKaI6HKCGSFdFcU3RTpIb0&google_hm=VGVsMVNORWswSm45VlBrdldQZWM=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FacGohdgLoTBYFF9uB_Q8BAPCJPN8aFHM2HSQlmht1hgjzS25_x-P1wFWaf4S7-tCBX4z81VHZYfM0erXQvBUtLlI5_Q_I0dlp89od_M5UaMUJVNGfVfITdtSJuzHaNAoKaI6HKCGSFdFcU3RTpIb0&google_hm=VGVsMVNORWswSm45VlBrdldQZWM=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EEEA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEA1dDqRO810VdoIE3tkdl9Q&google_cver=1&google_push=ASkJ3FZlfCygaiXEhEvmIG2FyXiP5oglAPyxLnMBnTnOxr9ZryQ90dvC4PhRxwwyY_CKkouu6jSkilUewyRZt6p...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qR9o63TiTUl3h9o3MqFI3XRaSsQ&google_push=ASkJ3FZlfCygaiXEhEvmIG2FyXiP5oglAPyxLnMBnTnOxr9ZryQ90dvC4PhRxwwyY_CKkouu6jSkilUewyRZt6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qR9o63TiTUl3h9o3MqFI3XRaSsQ&google_push=ASkJ3FZlfCygaiXEhEvmIG2FyXiP5oglAPyxLnMBnTnOxr9ZryQ90dvC4PhRxwwyY_CKkouu6jSkilUewyRZt6plgQTLalBYTApQDWHvnbGcqslPzt6f-xjv_QhnkP7c1HWXuY_gY2C6t36d3ZTaSBiRPXw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qR9o63TiTUl3h9o3MqFI3XRaSsQ&google_push=ASkJ3FZlfCygaiXEhEvmIG2FyXiP5oglAPyxLnMBnTnOxr9ZryQ90dvC4PhRxwwyY_CKkouu6jSkilUewyRZt6plgQTLalBYTApQDWHvnbGcqslPzt6f-xjv_QhnkP7c1HWXuY_gY2C6t36d3ZTaSBiRPXw
Date
Thu, 10 Nov 2022 21:07:55 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame EEEA
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOYYEQwoLfX7aAa9EZk_TsI&google_cver=1&google_push=ASkJ3FbUdbVvu9zseJqr3dMcf1nQUQ3ck-qWZz-_wZbuCvOjflOYog-je9lQQl4g6kM8Xf69p8ikuF4bXn3fi18KW0XS_bauII6...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbUdbVvu9zseJqr3dMcf1nQUQ3ck-qWZz-_wZbuCvOjflOYog-je9lQQl4g6kM8Xf69p8ikuF4bXn3fi18KW0XS_bauII6TYax75UiGQPpaktjJMgPUpykauyjpzQm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbUdbVvu9zseJqr3dMcf1nQUQ3ck-qWZz-_wZbuCvOjflOYog-je9lQQl4g6kM8Xf69p8ikuF4bXn3fi18KW0XS_bauII6TYax75UiGQPpaktjJMgPUpykauyjpzQmrLggxJHl3qdj3QUUX-kSpAw&google_hm=ZzZmZDliZGY3ZGQxODU0YWRiNTQ=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbUdbVvu9zseJqr3dMcf1nQUQ3ck-qWZz-_wZbuCvOjflOYog-je9lQQl4g6kM8Xf69p8ikuF4bXn3fi18KW0XS_bauII6TYax75UiGQPpaktjJMgPUpykauyjpzQmrLggxJHl3qdj3QUUX-kSpAw&google_hm=ZzZmZDliZGY3ZGQxODU0YWRiNTQ=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pub
cs.chocolateplatform.com/ Frame EEEA 		0
0
pixel
cm.g.doubleclick.net/ Frame EEEA
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESELvNavdJ5MyQ-NK8FE28SDQ&google_cver=1&google_push=ASkJ3FZyiv5d7Bqm5SLFnERkFuZUDdU4QvCG6a-Pxv0ihXXiiQorhy9TxT-OyPsOltNfbaHWq05eP9zb6CgJ4CzjzlQEIwi6OMgiD...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZyiv5d7Bqm5SLFnERkFuZUDdU4QvCG6a-Pxv0ihXXiiQorhy9TxT-OyPsOltNfbaHWq05eP9zb6CgJ4CzjzlQEIwi6OMgiDQvuaxJKy2h7Xxi2TN7MKYEhIu_pC4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZyiv5d7Bqm5SLFnERkFuZUDdU4QvCG6a-Pxv0ihXXiiQorhy9TxT-OyPsOltNfbaHWq05eP9zb6CgJ4CzjzlQEIwi6OMgiDQvuaxJKy2h7Xxi2TN7MKYEhIu_pC44e9e7Ab8EA1OYc0sV2KNCgCu4&google_hm=190e32f41106a12deff36d5782214722
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZyiv5d7Bqm5SLFnERkFuZUDdU4QvCG6a-Pxv0ihXXiiQorhy9TxT-OyPsOltNfbaHWq05eP9zb6CgJ4CzjzlQEIwi6OMgiDQvuaxJKy2h7Xxi2TN7MKYEhIu_pC44e9e7Ab8EA1OYc0sV2KNCgCu4&google_hm=190e32f41106a12deff36d5782214722
date
Thu, 10 Nov 2022 21:07:54 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
/
onetag-sys.com/match/ Frame EEEA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAqtDLM0RgBtAg7bmYE-934&google_cver=1&google_push=ASkJ3Fb6D2yLlUGV8CQ61ILGejHnHJr3x4VGEvrYjSKOZykQZrSEZLGba4WPVWCLwabPcKr6xU4mqC7lqzr...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe5yjF-CWXpYune0wToiGcRiNQFuhtxA&google_push=ASkJ3Fb6D2yLlUGV8CQ61ILGejHnHJr3x4VGEvrYjSKOZykQZrSEZLGba4WPVWCLwabPcKr6xU4mqC7lqz...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EEEA 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1mkuxWuDNQyfM2jv4uOOejZUHvsEOZTkMsDPS-blFHP0yLvRYHiMNY1WGXwRZFun86Udu2Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668114473&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114473188&bpp=14&bdt=291&idt=421&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D8fe6acabe8f5ef0d%3AT%3D1668114472%3AS%3DALNI_MYsnkq6zJdtSaqHGP6J6_GQaQPd-Q&gpic=UID%3D00000b7945076446%3AT%3D1668114472%3ART%3D1668114472%3AS%3DALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ&correlator=7220869004582&frm=23&ife=1&pv=2&ga_vid=1490982066.1668114472&ga_sid=1668114474&ga_hid=308127170&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2745738731&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070762%2C31070830%2C44775017%2C44777923%2C21065724&oid=2&pvsid=2726534110511385&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7blplqw4aen&fsb=1&dtd=439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 47D4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:54 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 47D4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 47D4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 05 Nov 2023 21:07:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 47D4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 05 Nov 2023 21:07:54 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 47D4 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=jPzYRAQ97HOT_ZsBKT479o8hofafoUoJFvdAzZn9AtM8Frh89l4brewkVGTAUADlH4tXxVWoFnZ1Si1ZxcR4iVNfiW6mKwo5qTnNrw6dGkaFcSbvyJtadCuLQoTL4KiyagXzkLjWdG0bwG3WXZu2IU5iJFK2ObC67AGEHsiKEGtdjRDPQgsUOz-2XJ58fst8Xr1Yocbh2t-pUHSzTHADsw5OlXNihHLldsrf9uzs2i_v1WsyEY5JmLgnhuo-Sevc3l6GUXLO28KnC3AVjW8WiFmNWXuv69W7Hv_vbE1aukP5W9YYbm1FoT2PvyRpoUdiXpVVAwwWMa-alNqw-LZRirgCg415U9wvtQ8lW9PpWIOKJsPvduueXr_CxNVh3QUzEez5evygpn8VsRXgdctcmw7n0209Wr3jxmu-8QSQRpuut-zkIZigTZOC1DlU7hNikc4Rrg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1701721
expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame C2B1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hiXzbw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
verify.js
rtb0.doubleverify.com/ Frame 269D 		653 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_777564706027&jsTagObjCallback=__tagObject_callback_777564706027&num=6&ctx=23716808&cmp=187099&plc=6625281&sid=10482&advid=&adsrv=&unit=728x90&isdvvid=&uid=777564706027&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=89&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauca7hddha2d73b6_45_b%60fgc%604dh3353d%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.10&callbackName=__verify_callback_777564706027
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
0825dd11880b60c89dc7bc575774ea91d035bea7e6870a2db796e795f3abaa41

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:55 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/09/2022 21:07:55
generate_204
tpc.googlesyndication.com/ Frame 1EB3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2fvUTw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8420 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiKNWe84xQAL9NfvdgYZzLc6aKEpL3TgC74igoBI912nFQ32ZxU-5IAI3eak0gIJvgnC_HBwm2FJ_daNa2VC7iR9ALcVBFIOjzzKcumQCKpGmccdkC8aVfyBMFExPDxiKm5Vg&sai=AMfl-YQVCQuNovajZzwXNACakerKXe58TFXsDzGvY0cwNzfmnWwSB9GLzerGuiC48EBKWbsqk5rWt73VlGgJ7jy9vGOaaPD9yl1CS7gWjXtfIeipnXj1MBmcx-BBYIklPWw&sig=Cg0ArKJSzK2iEA1onTZ6EAE&cid=CAQSPADq26N9UW9lq6YW32gwgOIJnlSNqa5Ftk5PPmGl7XXDiIADwLXhvrwnuMZ5lp80PB5G-vF45w5lrePl3RgBIBM&id=ampim&o=236,60&d=728,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=751&tls=1752&g=100&h=100&tt=1752&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 47D4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:54 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=91067&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F91067%2F220923%2Feaf31751002c4266b2f86cda44bffe4a_wechat_image_20201110165504.png&v=3&w=668&s=mqtwKyLo3sAapuWko0_JeyA9
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
920b421933daabde5596f2c24fe6db87ce1969b9e760f3797a8e4f38cc223058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27166733
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5598
expires
Thu, 21 Sep 2023 07:26:49 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0042359_0.jpeg&v=3&w=400&s=m1u78rIOw4HmMN7ap3uwXGtr&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3fee35a6dd4250c39c35bf3db731a9c76184b7474d81f9f1b1695a53af56238b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29300400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3910
expires
Mon, 16 Oct 2023 00:07:56 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0044486_0.jpeg&v=3&w=400&s=mlrPvK9N6LB0wCqlq9z4QVGG&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0c73004a0aedbaafb511c76e927d6477a191dc8861d0191d2aca72a9182557b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28707520
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2762
expires
Mon, 09 Oct 2023 03:26:35 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0004759_0.jpeg&v=3&w=400&s=IpqWn60abnYodZBap0uR83XU&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
473d9e8564b9e81541deb27a43875aa1d86343582970dfa13628ab7bc3213f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29141553
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4372
expires
Sat, 14 Oct 2023 04:00:29 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0031619_0.jpeg&v=3&w=400&s=kapQSNdogAY4cmvDvOa293mN&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6a9ad5b3dc3f39261bb8a47eba3d5069eb3fc143556f549b3974323f6060219d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28966228
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3538
expires
Thu, 12 Oct 2023 03:18:24 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0039498_0.jpeg&v=3&w=400&s=fqfQSF0LT2npFT7bRbxu2Egv&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
851558ebaa88997a3b75a2cfe274783b8ed612ff3a44dff795f8e601b3695f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30810662
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7082
expires
Thu, 02 Nov 2023 11:38:58 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0045287_0.jpeg&v=3&w=400&s=QqXz72pS_2OZv-J9vdyx9AEX&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
2cc7ad74dbcaa64296359bbb41713809f3b8c5121ae7a085b77eb0ed024a7209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30967349
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5150
expires
Sat, 04 Nov 2023 07:10:24 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0047493_0.jpeg&v=3&w=400&s=zxAVLWIW_nQVbzoNaSbFh-Qe&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
78d6f1b327c0d1ac06368376af263d0c65090b036cd323e4d2a065d62b59ea74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28608927
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4436
expires
Sun, 08 Oct 2023 00:03:23 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0035186_0.jpeg&v=3&w=400&s=Ik6GnzD5eksU2Un91YttgdZz&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
2616a3d5bbd9c85307a942baee15442e8e31a396bb583edea0cd8955de075e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31257157
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12188
expires
Tue, 07 Nov 2023 15:40:33 GMT
img
pix.as.criteo.net/img/ Frame 47D4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0013533_0.jpeg&v=3&w=400&s=dgDqHD_J2xF0hwxLQYp8VKrY&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
fc59dfe8d20bc7bf5cc4b2ebb433aaa2587241f2063c77e6a148d2b717d19bbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28455085
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2346
expires
Fri, 06 Oct 2023 05:19:20 GMT
all
csm.as.criteo.net/ Frame 47D4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=EE6cHKkrtXZq4RRfM66Jg_0_dWSKCvo6wM2EpYe-8inS0HBR2bb7FpkteKBS3ijhZvT8Oft7xo65L30rHp_WP8QrnxbEb3xkoiHe82Sa8YMGZMyUptoIa1IYPYsvs4JuTcDRDrHut3a8llOFKAREjReb7-G9ESzhxFGo0ny-FFdZHE3ssRdbHeLZ45RQPIVph4KcvkNpGZfbskMNcTvCMK-nXMDHeXd2ENFoYJCOSa4AvARgsb_P7XpwBCXuclPh8mxWe5NqljbnPMv2&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 47D4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:54 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 47D4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 21:07:54 GMT
all
csm.as.criteo.net/ Frame 29E7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=og16U6krtXZq4RRfjIrAa-Ah7OZTj0IEFCU_PgNkRyyU27TrkqyICtcTOOk8gq4a2fB_Kv2cB56p5H8bnZLPetoPhdEA9H8t5sIdKuCfPn9isx_W_2GKuZ4gPi7nnMqqOaKiR8QDzsyAvEEqws6hRSsBALmPbY6GgBq5cSoBt9qHnRc4GB67faSAXvGXsCMyrwqkd3_2hdeMGWQcV0vCGITGXdEpu14NsEZeXlExmsE0L7Y0XrNAlyHlqxhbfvx-W7hf-HgKDSWh8LmT&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKAAGKYoKj5pOAAsQ542lX3xaOv6QbsgRMg&u=%7CfZsL36R9F32kQfH8kYQfODyLgBCTVd9jxBY%2BsIY%2FA1s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3HSSu81zWhicXzCLublmCDuNq-E6cgW3daODdE1Z8sv4ADtUPIWmvPHpuJuH2WGjGDdROsSYIqb5c3x-2txf9u-i4TOKYw1FupaISkarnHIH4dRUpNzJ5UFGbWAGYkZTgzpgH2OCsbDw2iaviWpUjZJbeF2w8gXXuuwepIvO0VkUM1PK52dV2JWKaxTOVLnTPC2YASiitIXmzbQ7P145dAanYBwyk2T7-6yq7YjoO4leUk7-57nqem4vaPOn_9V9S1D9BbqFAhRZw0rXb7_479Po3y4x23PseWcjQ4qmgkph2tm395RxWHOeA4IXm9bgtWovJjrMNDAXw9l_iGQSOm-kK1bK8i_41_1VwOMyfTqC-BXZjcQH83zj1jgunLgaCFDFvRfHIP5dKqfONUgrjOeWOrLmlpEAV8lee2dmxXag9ulBWvagqw8NMTlZJMQ3QO68vx5hmmoucVAQB1iHkJ5fs65p926xdG_KKeZMyeT0nN9EBMVAlak81CNL5eJLVOylFE9cXHjxU06M1e4DDZVInw2cuuJfWvipDrLQomp8r6KpcP8fUXHvmKszd273IQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcYVKGhtY4rTGM60vgTnoayIBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAjbkEsooGqY-4AIAqAMBqgS1Ak_QrZg-nx5X0Txr4chJe29kxYDwQ6AxgzJrsrPk_j6WYBw2HTC6Rh4ltsqGSIcRi7i7jsJW4eXbrAUG7GHwxg-ezmJyidVGhf60Rp7D5x4XzVnMwnP_p7uvqKYBcXWmtrlq8solJCazmFqkclU2rIpmZ4lmgLpb2UkPHAZcFPhFjMFkkewwR5V8xU_-asv0aMUyU9YYSYUBworSX9OC_5CYhNRd6ZiKkj9uY03rq_v8HI8PxEXI2N-4m-ZW65HRCZWHdfoRZkIhcgxcP9VyMEPLaVQAQkzgUrT1S1f90g1nuSC8jWPU15oVse9poWhdBEHrCx_KwMrxZZoJs2ocFWwwNSVIi_WMwTY0DOVGzEfwRfu6b1B8QH9kstfq66GQm2vZJpHoobAfYHj2OS70ydaN5KbAh-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yWU7057BAxDfn6dijs-xIKNmzGg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 21:07:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 574C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPfUqoFdXf0i2akCYlXVS-dmVHLYFbssvuZn7hJQd3RhjeOHsXXhpVLoyZjpZ8VE9j8MAswwvfll8ALx1bPn0LYUCZ&sig=Cg0ArKJSzIDtqdSaXRVmEAE&cid=CAASFeRovdYNS4EKCm4G3xnOa9CT84bqvA&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668114472890&rpt=1013&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 10 Nov 2022 21:07:55 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
226434
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		338 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2da557c408a9077ec01fb5fc9a684037d5dd35da6b988cd773b0675de84a10be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
776480
expires
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
3e0cccc8f03ca68b73e670679b1eb68c6d62fe1a2cfc62d9a897f61c2300e62e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 10 Dec 2022 21:07:55 GMT
checksync.php
contextual.media.net/ Frame 676D 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
63af0192ee2fd131b1b79cf8097cb830e3dc9b29580fb378fa089bf0340adfc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:55 GMT
expires
Sat, 12 Nov 2022 21:07:55 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 1652 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-81.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
330f76ee720927481e92c4f344a43bdf66af209bb74aad6be1ceaf75092928df

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
71292
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 01:19:45 GMT
etag
W/"3f9fe5e8418a849fb87380af5ee37be6"
last-modified
Tue, 08 Nov 2022 01:16:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 6a3d98aad6a6ea4a9a35b5590bdb3da6.cloudfront.net (CloudFront)
x-amz-cf-id
o5n5mmN_Ek_bcq6mAxj23wol1a6cEzfeNKhbL0lEjbDa9fMkhlEpkg==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b53fbd2f-551a-488c-a424-2e86d2c8da6f
x-amz-meta-codebuild-content-md5
1392d0a0af229d92a17f00e1ea0d9335
x-amz-meta-codebuild-content-sha256
ebfa1f961263d3afe7dd71dd9b123dfd9a7fb454041f01580b85f67111a14543
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8A93 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
59144
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 10 Nov 2022 21:07:55 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 28 Oct 2022 06:00:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
35, 46861
X-Served-By
cache-lga13626-LGA, cache-mel11279-MEL
X-Timer
S1668114476.632121,VS0,VE0
/
onetag-sys.com/usync/ Frame CB67 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668114472029
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
47e225325ff5b91b88594d0652de8e772978a65f5e1d0cabe9770e71e051fb78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1372
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 6CB7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 21:07:55 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame EFBE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
497
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7681c2b088dda82c-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:55 GMT
expires
Fri, 11 Nov 2022 01:07:55 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 84F6 		533 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
fbe31db088d24e3bd753462210ebff9767cfcb19c9a2e5454b514291142bc680

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
323
content-type
text/html
date
Thu, 10 Nov 2022 21:07:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 24D4
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
35616769c01332cf833787014f945cd785bddac1fd97dd7040a26e66dd3abd94

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 21:07:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 10 Nov 2022 21:07:55 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
activeview
pagead2.googlesyndication.com/pcs/ Frame DDC4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxMAwL_i-kifacRREJdR80uSGt7FYUhiUxmQYLUJDdeBv2ks2iXeab9sXqX_jMAzY2ZJxKTf9dWvfZRP813ZIl8Nd-&sig=Cg0ArKJSzD2S30xfNtTQEAE&cid=CAASFeRo76qbSFYsJV0o9t9fyJVATjoTFg&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2844491747&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668114473629&rpt=750&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-ae1.doubleverify.com/ Frame 269D 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ae1.doubleverify.com/bsevent.gif?flvr=0&impid=fb5ae5efe4964244b7dcbac427ca950b&vfdur=947&cbust=1668114475415138
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:55 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/09/2022 21:07:55
globalpassback_728x90.gif
cdn.besafe.global/ Frame 269D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.besafe.global/globalpassback_728x90.gif
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-107.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 12:30:31 GMT
via
1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jul 2022 20:03:13 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
31073
etag
"d7f0c1fa2fb2f6c6dc87372cf940f1d5"
x-amz-meta-sha256
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3
content-type
image/gif
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
13098
x-amz-cf-id
SijiWwdWOUFPsb_UhU44g6rjkQ1tgYtuGVb5wDIBppQOMeHKZhLf3Q==
x-amz-meta-s3b-last-modified
20220630T185306Z
Info.svg
ad.appier.net/4QGDNtuHG/icon/ Frame 269D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Info.svg
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.127.219 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-127-219.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
db3bb0331e0217a9b13adc92afdce74540822e9a2094a4c640a23522f6596b88

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"552f8bf510a3f1d9444e387953f11f79"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1848440
x-cache-id
SEA-9af31eb4
accept-ranges
bytes
content-length
1272
expires
Fri, 02 Dec 2022 06:35:16 GMT
Info_hover_focus.svg
ad.appier.net/4QGDNtuHG/icon/ Frame 269D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Info_hover_focus.svg
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.127.219 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-127-219.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
0736033dafaea5a36203b95b7562afdd3559a4c9edf234339a886347cd032bea

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"d0bf34695927ab43e5c1292a22b9bc3a"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1848429
x-cache-id
SEA-b9fa975e
accept-ranges
bytes
content-length
1272
expires
Fri, 02 Dec 2022 06:35:05 GMT
Close.svg
ad.appier.net/4QGDNtuHG/icon/ Frame 269D 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Close.svg
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.127.219 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-127-219.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
70005a712e48e89c3f725b20b3b0922ef5f13625407a0b5c3dd77daf42d95f63

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"745a2be8df143e4f3be0e0d83020aa7b"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1139077
x-cache-id
SEA-b9fa975e
accept-ranges
bytes
content-length
848
expires
Thu, 24 Nov 2022 01:32:33 GMT
Close_hover_focus.svg
ad.appier.net/4QGDNtuHG/icon/ Frame 269D 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Close_hover_focus.svg
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.127.219 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-127-219.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
3c73a0cfd4d0058fe2374484019ef7ba096708d415f7435b19d4fc9cdd0807c7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"6dbf40ccf95affe57f5e9ababaed99a5"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1774510
x-cache-id
SEA-b9fa975e
accept-ranges
bytes
content-length
848
expires
Thu, 01 Dec 2022 10:03:06 GMT
n.js
geo.moatads.com/ Frame 269D 		98 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FqPuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Uq6edntK02Wpzw%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=APPIERDISPLAY1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1668114475423&de=608866638677&m=0&ar=48843429bae-clean&iw=3d12f45&q=2&cb=0&ym=0&cu=1668114475423&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AfcXwMB2nTs6cVrthL4rb7g%3ApvkqL1CYQNqIOHmY4Qm7cg&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&bo=728x90&bd=unknown&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&gw=appierdisplay844822012038&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jm=-1&fs=200871&na=776515347&cs=0&ord=1668114475423&jv=1126220234&callback=DOMlessLLDcallback_99400910
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/appierdisplay844822012038/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.127.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-127-148.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
7e5350a0771dea87efbb0409d4dc69be050a461ba8b958d5c05896da05747f3c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"c82ae797937dec9a65e354061a380971319b323d"
content-length
98
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 269D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=APPIERDISPLAY1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1668114475423&de=608866638677&m=0&ar=48843429bae-clean&iw=3d12f45&q=3&cb=0&ym=0&cu=1668114475423&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AfcXwMB2nTs6cVrthL4rb7g%3ApvkqL1CYQNqIOHmY4Qm7cg&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&bo=728x90&bd=unknown&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&gw=appierdisplay844822012038&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jm=-1&fs=200871&na=862433630&cs=0
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.229.158 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-229-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 10 Nov 2022 21:07:55 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 09FD 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
27991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:21:24 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 13:21:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 269D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2667726471c962777e9f47fb7a418b0d28ad67a63c26b5c214d6f0fc1f85d0c3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 84F6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4156914352050536875&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4156914352050536875&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4156914352050536875&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 84F6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=32c1daa5-1ea6-76f1-c1bf-44d8409b34ac&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=32c1daa5-1ea6-76f1-c1bf-44d8409b34ac&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1f6509d4-566f-41d3-a44a-aca812e792f7&ttd_puid=32c1daa5-1ea6-76f1-c1bf-44d8409b34ac&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1f6509d4-566f-41d3-a44a-aca812e792f7&ttd_puid=32c1daa5-1ea6-76f1-c1bf-44d8409b34ac&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1f6509d4-566f-41d3-a44a-aca812e792f7&ttd_puid=32c1daa5-1ea6-76f1-c1bf-44d8409b34ac&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 84F6
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y21oLMCo5ukAAPFLA2kAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y21oLMCo5ukAAPFLA2kAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
48
Date
Thu, 10 Nov 2022 21:07:56 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":48,"gdpr":false,"ipv4":"116.90.74.196","key":"Y21oLMCo5ukAAPFLA2kAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40364"}
X-SO-Key
Y21oLMCo5ukAAPFLA2kAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40364
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y21oLMCo5ukAAPFLA2kAAAAA
Cache-Control
private
X-SO-HostName
a-ad40364.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40018.dc2p.scaleout.jp
X-SO-IP
116.90.74.196
sd
jp-u.openx.net/w/1.0/ Frame 84F6
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AT2xhy1s28Hzks8ADwG0vnw9Rs8AAAGEY17t0w
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AT2xhy1s28Hzks8ADwG0vnw9Rs8AAAGEY17t0w
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AT2xhy1s28Hzks8ADwG0vnw9Rs8AAAGEY17t0w
cache-control
no-cache
content-length
0
x-amz-cf-id
YP5zYHJbNjk5JQlksH8i7-8EAxfC2YsaOM-AqFFJ2B9yKSbg-HwzCw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 84F6 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVhZTA5NmYtZDdkMS0yODU1LWQ0NWYtMWU2MThhNzlmYWNj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 84F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGP30txdLJGcdwtU20V0h0U&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGP30txdLJGcdwtU20V0h0U&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGP30txdLJGcdwtU20V0h0U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame CB67
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=985a636d-682c-4600-b758-90d1ab658a31&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=985a636d-682c-4600-b758-90d1ab658a31&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=985a636d-682c-4600-b758-90d1ab658a31&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 21:07:55 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CB67 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame CB67
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6170091816546164090
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6170091816546164090
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 21:07:55 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6b44b996-4de9-44e4-bed4-25ca25eb2ac7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6170091816546164090
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CB67 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=f6n9GGe5uqpMKYysaWdm6hnubDNkegahPr3iwPgLOZo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CB67
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe60UwAYilrwU_93Y_0gF6HhVGGaMUqA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe60UwAYilrwU_93Y_0gF6HhVGGaMUqA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe60UwAYilrwU_93Y_0gF6HhVGGaMUqA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame CB67 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
content-length
0
/
onetag-sys.com/match/ Frame CB67
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCKzQtZsGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Thu, 10 Nov 2022 21:07:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame CB67
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SjYlMv-qBaYsWkaRxMG3BlJ_pHSmlXdQYG-pUOIDVMc
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SjYlMv-qBaYsWkaRxMG3BlJ_pHSmlXdQYG-pUOIDVMc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DSXKC9HW7ED7XDVBBJRS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SjYlMv-qBaYsWkaRxMG3BlJ_pHSmlXdQYG-pUOIDVMc
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame CB67 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
content-length
0
/
onetag-sys.com/match/ Frame CB67
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAqtDLM0RgBtAg7bmYE-934&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAqtDLM0RgBtAg7bmYE-934&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAqtDLM0RgBtAg7bmYE-934&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame CB67 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame CB67
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame CB67 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668114472029
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
all
csm.as.criteo.net/ Frame 47D4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=EE6cHKkrtXZq4RRfM66Jg_0_dWSKCvo6wM2EpYe-8inS0HBR2bb7FpkteKBS3ijhZvT8Oft7xo65L30rHp_WP8QrnxbEb3xkoiHe82Sa8YMGZMyUptoIa1IYPYsvs4JuTcDRDrHut3a8llOFKAREjReb7-G9ESzhxFGo0ny-FFdZHE3ssRdbHeLZ45RQPIVph4KcvkNpGZfbskMNcTvCMK-nXMDHeXd2ENFoYJCOSa4AvARgsb_P7XpwBCXuclPh8mxWe5NqljbnPMv2&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y21oKQALo2UCrIhoAAgX07z2ihg5xHAhMMZIvg&u=%7CEluiMulUmn1hF%2FYqWaktHQFKiMKLVw7Hz9b%2F5VDqIdQ%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbEwNc320LVeu-v69vybtY8T1_qhCjlrGgI9-kVAgZgo-Ib9e1i9-rTgShGo8a7qfPsaDxX7r_rlQpbaH9mkaQo0mly4UDxjimXJOzs0KCiCq_QP-yG5AdK2ZRKAMggWjZ034oJHtIJKaJK8t8srOuxryUtywkXqhTS0yGION8I2o00SqhhMjhjFXUe2U_71m4kMhcdZlWebfHvjIDoh-CdpvaQA5BSG3KMeM6GF0jojuipU0ENUvhaam-x4FXGYX6y80iuHj2uZZuS0uIsAcXVzZvdElmk7wm8OKMyA8wIC2A_mDP1qAP5bS8EWYtiY4XKYhryW1HMWa9_dYtZ1BHKpJ42YvxgXnA9bUGTPbTbYNtyxesD0JSxkI7OXu8ozsG5j6yagfjq25EhW0hfrUJTi2TxtOfBryy4z9iObEiGiRni9ks2KCIQL4T7Gn-_qVWxgOTJcA03YNJYWanEXFs4EaEuPlT4deAlOP81haRPWP4T31PbeyCRrxmwQznL6kjWPO5nPyB130DlRuEAh4a0JsDiK6DAnCHC4Kz8j510l_ptSr6odknAxgb8BE-dX1PohJ7TtOt8TpiQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmKYMKWhtY-XGLuiQssUP06-guAWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJmOKX7ICCmPqgDAaoEjQJP0M2-az80cz2d95iCMWJmL4G1Ts6N1H6aB30jW2Co2Qk5FsUaK7Z35ICTfpV594PULztmN76DrseXidbQ_lfXiNWuCYRFgLDDjPcdmTqOP9nRfIMPLnJBEkwQHgYqNmLUU8ehdnVVT4jQtFVBdRVl-4TMBQQiYufNMWVtvMB6SCW_UzYb8nRZukMod_I-XePRxnLkOTGOlz-NGZWVjHbEBn4I9WjurKETg80u7R5jsAkkU8XNtcjB9CtVfMMXxvqW2qrrCAmx26gJ-8DG5Oi-AL1nrs7C6AMishz-lOAwHjaczaphBRnE1m5VRGrtzfuC8l1AlRneE5RG3YyhgzX-kdE2D-KLXeU-a6JOv4AGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33YdrL1o1-MgOEavmktW2Za-NVCw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 21:07:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1545 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/wBT9VwPyJuM78oeerDeQvvTsiGDdzCr3leWIWBFN.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
800fbe7a12b2a4295f70d2a15dd5ad0b2c7c1b549d3df231a2f2d0c3bd01aa1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39948
x-xss-protection
0
server
cafe
etag
2373934805502088485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 21:07:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A0DF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a782b4620679d8903a0ba5e8476140524c70aa3bf951c93ec14be7c4f9ffaeda

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7681c2b5af8afb94-AKL
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 21:07:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW1PZ4xKhluwpsPC4ISxepXupbjWW1NeK46vYhEp7buyG5%2FdD5RZ%2FLEC9BjBIs4VSIqn0%2BjgRvdhiIJ%2FvsK5sQBHvQPTUtpGqchH%2BeCv8UXSXBTQiA3EO1lkwIBjskmqR1dp4F1TPCvb2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7681c2b36b79a8d0-SYD
content-length
0
date
Thu, 10 Nov 2022 21:07:56 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt3SEzGZ76iF05G3fxKfOnhqe%2BH9Av9hd%2F2jgEA9ztG0TrxCp%2Fc7DSDS7sk4Xl4Ysho2OltjzAdfYePbFIlnOS8g0GISVM9AZDava5e%2FZql2IS9sVgEh6mjStO%2BG342EFXR%2FicUn2oBeeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 8A93 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:55 GMT
AN-X-Request-Uuid
92dacd78-8013-45dd-9302-b0d9d34d6e7e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 09FD
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEPpsVwaOggTXNtYzhjqK01o&google_cver=1&google_push=ASkJ3FYVej-Ooseu3RKKY4NTQ9j67GIeWi9uNJpBEGTF_FlBxsf46ZaFVjr4nVAZ_5tx6b7lQ8hcu3suse...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYVej-Ooseu3RKKY4NTQ9j67GIeWi9uNJpBEGTF_FlBxsf46ZaFVjr4nVAZ_5tx6b7lQ8hcu3suseoXfxwQz07G_Goqgpl1jK4YEaApqt2I8JDXEASasE5__CeJp3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYVej-Ooseu3RKKY4NTQ9j67GIeWi9uNJpBEGTF_FlBxsf46ZaFVjr4nVAZ_5tx6b7lQ8hcu3suseoXfxwQz07G_Goqgpl1jK4YEaApqt2I8JDXEASasE5__CeJp3cQfwqzQMwP-i2U8wqblEX_s1c&google_hm=bEpzQ21HVHlvbHRhd21YOVlnb1BFUkYyZUFj&from_google=pc1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:56 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYVej-Ooseu3RKKY4NTQ9j67GIeWi9uNJpBEGTF_FlBxsf46ZaFVjr4nVAZ_5tx6b7lQ8hcu3suseoXfxwQz07G_Goqgpl1jK4YEaApqt2I8JDXEASasE5__CeJp3cQfwqzQMwP-i2U8wqblEX_s1c&google_hm=bEpzQ21HVHlvbHRhd21YOVlnb1BFUkYyZUFj&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 09FD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_push=AS...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_hm=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&google_nid=index&google_push=ASkJ3FaeZ7VHV_i2VD4gQ-Y9L2YIhI4T2997p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_hm=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&google_nid=index&google_push=ASkJ3FaeZ7VHV_i2VD4gQ-Y9L2YIhI4T2997p_1BXOgHhFtsdhLRmajE9TyiMStTjnurByq46XDDBe110DNg2AutW3znAiVFvh_MeuBCKdIq-JvsrXIPrsx0P8kdNGh_Ity_45crYuz73KipyHot2Nf4vA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzpRSPeTEMLo%2FuLmEfcXn7FBjmdOcqwcdYRDUe8rL9TJbxI1gSXcT4Z8G%2FyiemBl4Tom%2FX%2FuhBoQrYgZIIoIDKC1F6Z5wxAT%2Bev5mPZRvGwYR%2FF1WGh%2B6KCpzWs5Ievaub0scgzjSs1Dew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_hm=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&google_nid=index&google_push=ASkJ3FaeZ7VHV_i2VD4gQ-Y9L2YIhI4T2997p_1BXOgHhFtsdhLRmajE9TyiMStTjnurByq46XDDBe110DNg2AutW3znAiVFvh_MeuBCKdIq-JvsrXIPrsx0P8kdNGh_Ity_45crYuz73KipyHot2Nf4vA
cache-control
no-cache
cf-ray
7681c2b5af8cfb94-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 09FD
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOwbIXOziNzvDbo3DaweYug&google_cver=1&google_push=ASkJ3FYur0Ge9lwfL2GH0kJR5ePocbHr8_OTvVxQ0EZ4YnECrLLEa_rJFkiGhFVozwOveVB1IYHqBeuXroRpxXSu...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=9a078c3b&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FYur0Ge9lwfL2GH0kJR5ePocbHr8_OTvVxQ0EZ4YnEC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=9a078c3b&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FYur0Ge9lwfL2GH0kJR5ePocbHr8_OTvVxQ0EZ4YnECrLLEa_rJFkiGhFVozwOveVB1IYHqBeuXroRpxXSupW-IYVQtfQkQiv_A-wxax5jz8af-vYQQxuDeqxIyed27SNrsCJ9agPGtmbDdaBTSC6w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 21:07:56 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=9a078c3b&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FYur0Ge9lwfL2GH0kJR5ePocbHr8_OTvVxQ0EZ4YnECrLLEa_rJFkiGhFVozwOveVB1IYHqBeuXroRpxXSupW-IYVQtfQkQiv_A-wxax5jz8af-vYQQxuDeqxIyed27SNrsCJ9agPGtmbDdaBTSC6w
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
xq7sGznLIeK7Chb3-iRT7XyQTS7CMXUgGMS6wRUoOBZ_445HASFH6g==
pixel
cm.g.doubleclick.net/ Frame 09FD
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEGEM_l6QTm-m6-ZFwLhM3FE&google_cver=1&google_push=ASkJ3FaNyzsvlPgcCJSImncZ8YiFYwP2ctH56Bgeoe0H8FQjI6SBvljvuF4a27JG4kVbVBNFOA-N7ZVvmkbPq_EOj...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FaNyzsvlPgcCJSImncZ8YiFYwP2ctH56Bgeoe0H8FQjI6SBvljvuF4a27JG4kVbVBNFOA-N7ZVvmkbPq_EOjptroKs3J04_nXaIwMM0cOM6rm6kApQTGctlcvvPYcz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FaNyzsvlPgcCJSImncZ8YiFYwP2ctH56Bgeoe0H8FQjI6SBvljvuF4a27JG4kVbVBNFOA-N7ZVvmkbPq_EOjptroKs3J04_nXaIwMM0cOM6rm6kApQTGctlcvvPYczAlhaNyL325Ffe5XkCRIUw2Po&google_hm=AUaOfiem-UFjrxvfvzSrfD4
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FaNyzsvlPgcCJSImncZ8YiFYwP2ctH56Bgeoe0H8FQjI6SBvljvuF4a27JG4kVbVBNFOA-N7ZVvmkbPq_EOjptroKs3J04_nXaIwMM0cOM6rm6kApQTGctlcvvPYczAlhaNyL325Ffe5XkCRIUw2Po&google_hm=AUaOfiem-UFjrxvfvzSrfD4
Date
Thu, 10 Nov 2022 21:07:55 GMT
Server
Apache
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 09FD
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAVgvnQa37rWm1eBHFBWQGk&google_cver=1&google_push=ASkJ3FYbTy-VUjbiMsNxvHjW5bejy3G8Lq9v8EJD7yT5m-QesWhDEwrfertdvHs7TVgvHHvsR-IdJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYbTy-VUjbiMsNxvHjW5bejy3G8Lq9v8EJD7yT5m-QesWhDEwrfertdvHs7TVgvHHvsR-IdJVJL2wy-2HGLiwYNb8PT036jmeEIXqEmyGAckoneFM4LvE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYbTy-VUjbiMsNxvHjW5bejy3G8Lq9v8EJD7yT5m-QesWhDEwrfertdvHs7TVgvHHvsR-IdJVJL2wy-2HGLiwYNb8PT036jmeEIXqEmyGAckoneFM4LvE3XdLpW6iBFLg-mfXLY8fIZJTpYCZ9ta3k&google_hm=WTIxb0xNQ281dEVBQU9FWkJmWUFBQUFB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
20
Date
Thu, 10 Nov 2022 21:07:56 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEAVgvnQa37rWm1eBHFBWQGk&google_cver=1&google_push=ASkJ3FYbTy-VUjbiMsNxvHjW5bejy3G8Lq9v8EJD7yT5m-QesWhDEwrfertdvHs7TVgvHHvsR-IdJVJL2wy-2HGLiwYNb8PT036jmeEIXqEmyGAckoneFM4LvE3XdLpW6iBFLg-mfXLY8fIZJTpYCZ9ta3k","cluster_id":20,"gdpr":false,"ipv4":"116.90.74.196","key":"Y21oLMCo5tEAAOEZBfYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40390"}
X-SO-Key
Y21oLMCo5tEAAOEZBfYAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40390
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYbTy-VUjbiMsNxvHjW5bejy3G8Lq9v8EJD7yT5m-QesWhDEwrfertdvHs7TVgvHHvsR-IdJVJL2wy-2HGLiwYNb8PT036jmeEIXqEmyGAckoneFM4LvE3XdLpW6iBFLg-mfXLY8fIZJTpYCZ9ta3k&google_hm=WTIxb0xNQ281dEVBQU9FWkJmWUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40390.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-IP
116.90.74.196
pixel
cm.g.doubleclick.net/ Frame 09FD
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENsdFEWXsjwVCPwtrttJ6ck&google_cver=1&google_push=ASkJ3FZJ7kOiTYs5TnHMYXRDWq5_ReFETo61tvyeAc-KjQdNuPvYI9rgE06ExqD7oWqR3ZcCYzSCMBaDxWoFQxzBO...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NjIxM2JjMjItNDQwMy00Y2Y1LTgyOTQtNzI0OTY5YzQ3YjY5&google_push=ASkJ3FZJ7kOiTYs5TnHMYXRDWq5_ReFETo61tvyeAc-KjQdNuPvYI9rgE06ExqD7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NjIxM2JjMjItNDQwMy00Y2Y1LTgyOTQtNzI0OTY5YzQ3YjY5&google_push=ASkJ3FZJ7kOiTYs5TnHMYXRDWq5_ReFETo61tvyeAc-KjQdNuPvYI9rgE06ExqD7oWqR3ZcCYzSCMBaDxWoFQxzBObO6z2ydgZvbY6rr5NlhDJXQbxxwFrb7XZYLLCVaNMrlH40HyJjhudewjxrJx9vYWFh6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NjIxM2JjMjItNDQwMy00Y2Y1LTgyOTQtNzI0OTY5YzQ3YjY5&google_push=ASkJ3FZJ7kOiTYs5TnHMYXRDWq5_ReFETo61tvyeAc-KjQdNuPvYI9rgE06ExqD7oWqR3ZcCYzSCMBaDxWoFQxzBObO6z2ydgZvbY6rr5NlhDJXQbxxwFrb7XZYLLCVaNMrlH40HyJjhudewjxrJx9vYWFh6
date
Thu, 10 Nov 2022 21:07:56 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 09FD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMMQdHcojTdEP-RIOTOVyXU&google_cver=1&google_push=ASkJ3Fa6qT9g0iYuL...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE3MDA5MTgxNjU0NjE2NDA5MA%3D%3D&google_gid=CAESEMMQdHcojTdEP-RIOTOVyXU&google_cver=1&google_push=ASkJ3Fa6qT9g0iYuL2Fvjul4-Ckbw-Whe3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE3MDA5MTgxNjU0NjE2NDA5MA%3D%3D&google_gid=CAESEMMQdHcojTdEP-RIOTOVyXU&google_cver=1&google_push=ASkJ3Fa6qT9g0iYuL2Fvjul4-Ckbw-Whe3DgivsK-Jhr8ixEwbEwfi4baUGg2eAYBgnWfPlX4LetQdCsB2a7mk3x9iq8bDO0jqZOgOHBa-JPSR0qoiJ-45FYcJ1tTCMdUQJznQu8MO7O7_8JEpVttbqM4HLi
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cd280c44-46c0-47e1-8f78-41a16ccbfb1a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE3MDA5MTgxNjU0NjE2NDA5MA%3D%3D&google_gid=CAESEMMQdHcojTdEP-RIOTOVyXU&google_cver=1&google_push=ASkJ3Fa6qT9g0iYuL2Fvjul4-Ckbw-Whe3DgivsK-Jhr8ixEwbEwfi4baUGg2eAYBgnWfPlX4LetQdCsB2a7mk3x9iq8bDO0jqZOgOHBa-JPSR0qoiJ-45FYcJ1tTCMdUQJznQu8MO7O7_8JEpVttbqM4HLi
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 09FD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jd79zBiClAfJ3FuT3oRQuwINwergQGNGHZcsuQcWE269aT1mRZ93zW8ioIs-whk6w_PCtAtDU
Requested by
Host: 42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
URL: https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame CBE6 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js?bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
03a341ac7d5ff6045bbde5c16b6b56d840d26620de95ba34206219304e59134f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12371
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/ Frame 1545 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
4b7f8cebac80f2335a4c7b6e7dafdbd253dbf28611433a96f14507adc3ce0685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119447
x-xss-protection
0
server
cafe
etag
2889040481089548874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 21:07:56 GMT
usync.js
eus.rubiconproject.com/ Frame 6CB7 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ec4bf3e64407fef38d1bf563a09254ac3e5893ac7e2e9882b4d39ee81420f46e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 04:56:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28165
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 04:57:21 GMT
sync
gum.criteo.com/ Frame 676D 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
524587
expires
60
usync.html
eus.rubiconproject.com/ Frame F5DB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 21:07:56 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 21:07:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 290C
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Drkt%26refUrl%3D%26vid%3D811447602731111607574436160...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=rkt&refUrl=&vid=81144760273111160757443616000V10&ovsid=1921700046369469050
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=rkt&refUrl=&vid=81144760273111160757443616000V10&ovsid=1921700046369469050
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Thu, 10 Nov 2022 21:07:57 GMT
expires
Thu, 10 Nov 2022 21:07:57 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 10 Nov 2022 21:07:57 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=rkt&refUrl=&vid=81144760273111160757443616000V10&ovsid=1921700046369469050
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C16F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dpba%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120476
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 12 Nov 2022 06:35:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 676D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dapx%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=apx&refUrl=&vid=81144760273111160757443616000V10&ovsid=6170091816546164090
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=apx&refUrl=&vid=81144760273111160757443616000V10&ovsid=6170091816546164090
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:56 GMT

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
54af022a-dd42-48e9-9c14-507cd2134efe
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=apx&refUrl=&vid=81144760273111160757443616000V10&ovsid=6170091816546164090
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 676D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3111160757443616...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=opx&refUrl=&vid=81144760273111160757443616000V10&ovsid=faedb33a-b5a6-4c11-a2f0-3ab6f274a670
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=opx&refUrl=&vid=81144760273111160757443616000V10&ovsid=faedb33a-b5a6-4c11-a2f0-3ab6f274a670
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:56 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:56 GMT

Redirect headers

date
Thu, 10 Nov 2022 21:07:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3111160757443616000V10&type=opx&refUrl=&vid=81144760273111160757443616000V10&ovsid=faedb33a-b5a6-4c11-a2f0-3ab6f274a670
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 676D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dmma%26refUrl%3D%26vid%3D811447602731111607574436...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=mma&refUrl=&vid=81144760273111160757443616000V10&ovsid=3448636d-682c-4000-85eb-b55489834e65
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=mma&refUrl=&vid=81144760273111160757443616000V10&ovsid=3448636d-682c-4000-85eb-b55489834e65
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:56 GMT

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=mma&refUrl=&vid=81144760273111160757443616000V10&ovsid=3448636d-682c-4000-85eb-b55489834e65
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 21:07:55 GMT
cksync.php
contextual.media.net/ Frame 676D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%26refUrl%3D%26vid%3D81144760273111160757...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%26refUrl%3D%26vid%3D81144760273111...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1522057773
  • https://sync.1rx.io/usersync/tradedesk/56dd1a37-4dba-47d0-839f-f69969cfcfff
  • https://sync.targeting.unrulymedia.com/csync/RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=r1&refUrl=&vid=81144760273111160757443616000V10&ovsid=RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004
45 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=r1&refUrl=&vid=81144760273111160757443616000V10&ovsid=RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:59 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=r1&refUrl=&vid=81144760273111160757443616000V10&ovsid=RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004
date
Thu, 10 Nov 2022 21:07:59 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX63cb60118ffd429a9d8e327998fde7a4004
content-type
text/html
cksync
cs.media.net/ Frame 676D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExMTE2MDc1NzQ0MzYxNjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKbao6o61ar8NcWdLtnmowg&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKbao6o61ar8NcWdLtnmowg&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.213.140.31 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:56 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 21:07:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKbao6o61ar8NcWdLtnmowg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 676D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Ddxu%26refUrl%3D%26vid%3D81144760273111160757443...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Ddxu%26refUrl%3D%26vid%3D81144760273111160...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=dxu&refUrl=&vid=81144760273111160757443616000V10&ovsid=BY25HUeh1OTeMc5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=dxu&refUrl=&vid=81144760273111160757443616000V10&ovsid=BY25HUeh1OTeMc5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:57 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:56 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-062a250e8c9e3d8af@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=dxu&refUrl=&vid=81144760273111160757443616000V10&ovsid=BY25HUeh1OTeMc5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 676D 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
149179
expires
Thu, 10 Nov 2022 00:00:00 GMT
v2
odr.mookie1.com/t/ Frame 676D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5a5e5a27-67b6-4fe8-af18-a5aa5ebb4e07&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526530812281824069&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526530812281824069&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=7c9b3b95-3bbb-445c-be84-609096a6ea96&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523223482756687237&ssp=medianet&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232923304331012879751&ssp=medianet&gdpr=0&gdpr_consent=
0
0
cksync.php
contextual.media.net/ Frame 676D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dzem%26refUrl%3D%26vid%3D81144760273111160757443616...
  • https://stags.bluekai.com/site/23178?id=Tel1SNEk0Jn9VPkvWPec&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKUMVWDCU2OIVVTASTOHFLFA23WK5IGK...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=Tel1SNEk0Jn9VPkvWPec&refUrl=&type=zem&vid=81144760273111160757443616000V10&vsid=3111160757443616000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=Tel1SNEk0Jn9VPkvWPec&refUrl=&type=zem&vid=81144760273111160757443616000V10&vsid=3111160757443616000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:57 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=Tel1SNEk0Jn9VPkvWPec&refUrl=&type=zem&vid=81144760273111160757443616000V10&vsid=3111160757443616000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 676D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3111160757443616000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3111160757443616000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=26f40fd5-bf30-449b-94af-dddee1504444&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=26f40fd5-bf30-449b-94af-dddee1504444&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:58 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=26f40fd5-bf30-449b-94af-dddee1504444&cs=1
Date
Thu, 10 Nov 2022 21:07:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 676D 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Demx%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.33.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-33-18.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 676D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=56dd1a37-4dba-47d0-839f-f69969cfcfff
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=56dd1a37-4dba-47d0-839f-f69969cfcfff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.213.140.31 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:56 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 21:07:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=56dd1a37-4dba-47d0-839f-f69969cfcfff
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
xuid
eb2.3lift.com/ Frame 24D4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=56dd1a37-4dba-47d0-839f-f69969cfcfff&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=56dd1a37-4dba-47d0-839f-f69969cfcfff&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=56dd1a37-4dba-47d0-839f-f69969cfcfff&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 24D4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAyMjczMjk2NDQwMDUwODMyMzM5Nw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 24D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECP3yl2ppaVdKcU0Bv_Q7LY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECP3yl2ppaVdKcU0Bv_Q7LY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECP3yl2ppaVdKcU0Bv_Q7LY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 24D4
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAyMjczMjk2NDQwMDUwODMyMzM5Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAyMjczMjk2NDQwMDUwODMyMzM5Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDAyMjczMjk2NDQwMDUwODMyMzM5Nw%3D%3D
date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 24D4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4022732964400508323397&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4022732964400508323397&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e9247e92-4488-462a-a08f-a7e7d31cbbb7&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e9247e92-4488-462a-a08f-a7e7d31cbbb7&_noobservation=1&_expected_cookie=5fd3159...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e9247e92-4488-462a-a08f-a7e7d31cbbb7&_noobservation=1&_expected_cookie=5fd3159fbcd87bfcca2226bf1d086220
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.98.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 10 Nov 2022 21:07:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7681c2bdfc2daaf9-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e9247e92-4488-462a-a08f-a7e7d31cbbb7&_noobservation=1&_expected_cookie=5fd3159fbcd87bfcca2226bf1d086220
date
Thu, 10 Nov 2022 21:07:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7681c2bc7a8faaf9-SYD
content-length
0
v2
odr.mookie1.com/t/ Frame 24D4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4022732964400508323397&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4022732964400508323397&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=94338d19-45d3-4fea-a942-a84d322affc6&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10523223482756687237&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10523223482756687237&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=7c9b3b95-3bbb-445c-be84-609096a6ea96&ssp=triplelift&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10523223482756687237&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232613304331012876708&ssp=triplelift&gdpr=0&gdpr_consent=
0
0
xuid
eb2.3lift.com/ Frame 24D4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4022732964400508323397?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-B5UJ.plE2oQ5g7tRKTEtNanef_.FP.DGJ0uFLnKQLA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-B5UJ.plE2oQ5g7tRKTEtNanef_.FP.DGJ0uFLnKQLA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 10 Nov 2022 21:07:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-B5UJ.plE2oQ5g7tRKTEtNanef_.FP.DGJ0uFLnKQLA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 24D4
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4022732964400508323397
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4022732964400508323397&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4022732964400508323397&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4W6XGRR8HV70C0TPS7QY
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4022732964400508323397&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 24D4 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4022732964400508323397&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C0CB09F76C343E38D7BEA435402D8D9 Ref B: SYD03EDGE1407 Ref C: 2022-11-10T21:07:56Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 24D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6170091816546164090&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6170091816546164090&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
162ceb6c-9f78-4431-ba30-472d2e4dfc5f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6170091816546164090&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CBE6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js?bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:56 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 1545 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1545 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame 799E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=1108905291&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
363
content-length
801
content-type
text/html
date
Thu, 10 Nov 2022 21:02:40 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
x-amz-cf-id
EAs5GR0nPYwLmBk6Z0B9bXSWQX8XABPfYVAF-TzZz4IVOeiJTtfLqw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:56 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 6CB7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yk-9wUXimKmLktVFXdAjcw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6966794192516001193
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6966794192516001193
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 10 Nov 2022 21:07:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6966794192516001193
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6CB7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6CB7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BxqSu7zVTmOfebo8j8irtQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=BxqSu7zVTmOfebo8j8irtQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=BxqSu7zVTmOfebo8j8irtQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Server
67.220.226.232 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7HK34TQAQKRYSH4XJPNC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=BxqSu7zVTmOfebo8j8irtQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6CB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbv_JlfyjuWyg4kaWyKLT0&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbv_JlfyjuWyg4kaWyKLT0&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbv_JlfyjuWyg4kaWyKLT0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6CB7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTY1MzM1MWY4NTRmNTQ1M2M5OTFmOTQ1YmE4NDQ3NjEzY2Q3MDk2Zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTY1MzM1MWY4NTRmNTQ1M2M5OTFmOTQ1YmE4NDQ3NjEzY2Q3MDk2Zg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTY1MzM1MWY4NTRmNTQ1M2M5OTFmOTQ1YmE4NDQ3NjEzY2Q3MDk2Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6CB7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCS0FDMkEtSi02ODFH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCS0FDMkEtSi02ODFH
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCS0FDMkEtSi02ODFH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 6CB7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HScPfnEaTrqq68hJ8YiLgQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HScPfnEaTrqq68hJ8YiLgQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HScPfnEaTrqq68hJ8YiLgQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XR32VCEJA033PNRXNPC2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HScPfnEaTrqq68hJ8YiLgQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 6CB7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LABKAC2A-J-681G
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LABKAC2A-J-681G
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0C64418B9E164D56AFAC4F1D7F4C8C86 Ref B: SYD03EDGE1107 Ref C: 2022-11-10T21:07:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtJCrfhg2wIg5vAxZWzw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LABKAC2A-J-681G
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6AAF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
179878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 19:09:58 GMT
expires
Wed, 08 Nov 2023 19:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 297B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
360fc1d8a69fa3854fac98a563f8dbe6da26440e82c6fa77503db7574ae98fe1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jLwknwOi31O1YbVpc_yfPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-jLwknwOi31O1YbVpc_yfPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:56 GMT
expires
Thu, 10 Nov 2022 21:07:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
13926
g2.gumgum.com/usync/ Frame 48FB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.216.82 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-216-82.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcef7cfad3363ef36a16fd99bef94a00b40e7335bd8646b706856ce61172c60a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 10 Nov 2022 21:07:57 GMT
etag
W/"0cc96d10158b0a2093a337a6ed1d7afa1"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame CF99 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
c9545fac0e8761788301b87913a9c8a7ae5c6297e3a26848df3e2f33cd27134e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1360
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 35A0 		859 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
ad1e0186c57ad18e9e1cdbb41ec1767ce7296a2b46d7f09cc2bdc2db6aec5c70

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
859
content-type
text/html
date
Thu, 10 Nov 2022 21:07:56 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0413 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5655d27c5f4ca148bc9027710b85b914bcf13c1e39e40c0bff5a95fdae5fecec

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7681c2b60ffefb94-AKL
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 21:07:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9enjVJ9VsW0lwroU70hYKt1FZB0Pc1muTm4vXtScpoiqbGcpCBDb7gLYi%2FuuEKPD5%2F6hgne2tmdRhPyk9GKFFORNrQ4%2F3wB%2BkoOqDP6hip6ERWN9vlB89fvwHjXilBKPtDjFCo2%2B1VT5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4469
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:56 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 21:07:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFC4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120476
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 12 Nov 2022 06:35:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 1652
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6170091816546164090
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6170091816546164090
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d1db6ac4-af59-449b-a841-3ff6568168fa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=6170091816546164090
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 1652
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FoTzERZHD24cRODNT9G37dA9
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FoTzERZHD24cRODNT9G37dA9
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FoTzERZHD24cRODNT9G37dA9
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 1652
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FoTzDLZHPcUPQSFcQZuP4ONZ
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FoTzDLZHPcUPQSFcQZuP4ONZ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 10 Nov 2022 21:07:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FoTzDLZHPcUPQSFcQZuP4ONZ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cksync.php
contextual.media.net/ Frame 1652
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668114476943
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2031110679
  • https://sync.1rx.io/usersync/tradedesk/56dd1a37-4dba-47d0-839f-f69969cfcfff
  • https://sync.targeting.unrulymedia.com/csync/RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=r1&refUrl=&vid=81144760273111160757443616000V10&ovsid=RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004
45 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=r1&refUrl=&vid=81144760273111160757443616000V10&ovsid=RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:59 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3111160757443616000V10&type=r1&refUrl=&vid=81144760273111160757443616000V10&ovsid=RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004
date
Thu, 10 Nov 2022 21:07:59 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX63cb60118ffd429a9d8e327998fde7a4004
content-type
text/html
sync
ads.servenobid.com/ Frame 1652
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1974054390330761123
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1974054390330761123
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1974054390330761123
Date
Thu, 10 Nov 2022 21:07:57 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 1652 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 1652
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F13275%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%...
  • https://prebid.a-mo.net/cchain/0/13275?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3c87ce0e-e654-4dcc-bbda-49a5d0c5f009&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F13275%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D...
  • https://prebid.a-mo.net/cchain/1/13275?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3c87ce0e-e654-4dcc-bbda-49a5d0c5f009&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F13275%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D3c87ce0e-e654-4dcc-bbda-49a5d0c5f009%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F13275%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D3c87ce0e-e654-4dcc-bbda-49a5d0c5f009%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date
Thu, 10 Nov 2022 21:07:57 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 1652
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-ygj3oPlE2uEfs_5n0Ivk1ejDbWoxw34BgGH1Ueo-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-ygj3oPlE2uEfs_5n0Ivk1ejDbWoxw34BgGH1Ueo-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-ygj3oPlE2uEfs_5n0Ivk1ejDbWoxw34BgGH1Ueo-~A
date
Thu, 10 Nov 2022 21:07:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame 1652
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUqU2h0dHBzOi8vYWRz...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F37924%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3c87ce0e-e654-4dcc-bbda-49a5d0c5...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F37924%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3c87ce0e-e654-4dcc-bbda-49a5d0c5f009%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.4.28 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:59 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F37924%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3c87ce0e-e654-4dcc-bbda-49a5d0c5f009%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 1652
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-l8fjXqFE2uGnDlzFVGQnFb9nYFFgZyMr5H_5mN8-~A
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-l8fjXqFE2uGnDlzFVGQnFb9nYFFgZyMr5H_5mN8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-l8fjXqFE2uGnDlzFVGQnFb9nYFFgZyMr5H_5mN8-~A
date
Thu, 10 Nov 2022 21:07:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel.gif
px.moatads.com/ Frame 269D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcdn.besafe.global%2Fglobalpassback_728x90.gif&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FqPuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Uq6edntK02Wpzw%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1668114475423&de=608866638677&cu=1668114475423&m=1111&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=939&lg=1&lh=47&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A2645%3A2645%3A3546%3A2653&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=52&cd=0&ah=52&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AfcXwMB2nTs6cVrthL4rb7g%3ApvkqL1CYQNqIOHmY4Qm7cg&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=772207469&cs=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.229.158 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-229-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 10 Nov 2022 21:07:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110901&jk=2017014597017491&bg=!dHeldzPNAAbvMpMzzzI7ACkAdvg8Wq6FIemC6jTn1GKrhROvOz5Xxcltt05SHNiMQwPpSSoWOL9VuQIAAADvUgAAAARoAQcKAMy5D6I9vFlLJdIqshNraae3tc_fmeVq90ZSsJa6uNO_R9JO-gDK8M26i_AEYnxERWbvyaUjhGvLIifqyvmqPOBGpfo2030eKwxyVqJkAnFI9zz7TFRDozy2KH7Rz_PXqTQuxCtBDAilBxY411ro7EKJwhQJdQ-qTYHb_CDy5r-Zc93F8XW1tPNvUpa3P_PsqhvNnpXmdL5CL_fm0lo3n_hEtUdDu5G5wDkdCJ_9GChoVKtK8ibsiO62ggGwarJvX0LknWsctIXmx_O3Y3WZAsWv28LAlMZBmTwZmoNoZcOOh9fexeGxKl54MglMGQh0LVNc9U7n-slbNKoEzmTQySWsZjvdInbW0328AEPATFPOoHpo3IZcle_g9RX_Nvr7Hbm_zRJm8B5bQuSFVC3WoAZHjJDone4SIYoRRHL06gWoIgKez0W1YTJVEWpiOsV83pykb3qheG_X4BttMlqh97EPfO8AmrWYtsYKhdDVb_BBWtgyD_lCpA6827YO-WWYnXgFmHTu0MVg-EaWbJzzCCafbFX4tMOae36HY_TWS1CcAPW1OtrqiWL5R08Q6lozOM5ffyCW3DbEs6IZuxpueUSrJhLto_FPBP5PEiUTP6yoHWNNlLhhq381yC2kNuGU51XABVgfAj_m7kw_swt7hCqu7gnPROzkJzJ0j-o8xfKEdb65GlVmqyUx_9KUunLUym5R9J3UUmKcr8QYPQJyPeDfbbyyM8EDFABlGjx8kNtFXRSZiMTcxmPjjF3aGoSQPFbmK3Z3U7xIHVUb5Kxkwii3apjN968cjboeInP3hlEAGnVXiscqGEaQk7JvbFx5oiedx3nBwJztX9ello_ThQJ7ns-uY7drCefppw029tMXysRAs5Eu-SYJTJ9NhlNeyeOa6cWYDKVBZ2xRk6eJYvcZFfTmkDBclyszPlYhLl5G4uziXZC0aGv3vcTVf94lRCpAGYzz-Z2MyOu2mjDPqIZB8RsiHkRar4RiGt6gJ8fiJI5u5YLxB7Eoq-j5CDs-89qo5xLIayLwf3_z3GCPZl0vO23COG0C6h1DpfP0cX5rdLOzhBMMzMesLa7OJlhSTz-cvalXFFqi-AG7nMWpKU5xSLmCy7V9R8Ue8Ws9U0KqA6p9pH7n3Kv2Weir8-Ksz-frNgyRePqwyZtuUxD9jRFlWxO4ATk5RfSR9JLm0FecSRXPhetWLN_eTJC24QX0pZRWGLbs
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110801&jk=2706906081547267&bg=!b2ylbCjNAAbvMpMzzzI7ACkAdvg8WoqMkKZ97AsCxVugbAQ9qeAqPrM58HHTGUHw5Fkd6K7u3FQoXwIAAADdUgAAAARoAQcKAIIJkJz39pSdD5XqpV6UCGP4Ji4eTU8dofTkNOU5TFsPtZgJ6Web4XQ90RhGaxj7K_qhyoP9yG3nogrCJThFr4GYx87VeegOVoVKakk6bWCNWPgxIkKanUol7XpBmNhW1AYgWa2sEpySGx9HRaiEn587DmdGeB7OjM2eFF3HFLWhKj4cmQLGDRc3Tiz565rzQ1V7wWeIBix_KNHX7LST89IqtuHK_Apy70BAIvkgP_3iAlPf_hKbNJHPirznO8xUvWLH1rf9lSIgq_BH3dKtwuuz1oVnMHwOSChOWkggyknaLXcz7-6Vd6rSzCvaSt9yhNjpo2YdDYARKHNBuWfDJvm-xW6hGBxXWOwh46Y7Zvgu1O9mzUOdLh1gnu0G4p_3oN7CzXdBPjrDD3G5f5qcXW3gK_BB2WqxbiVNN39qWkLwntWq-oSLxgCIEYu8hdWpc_7y0ZqZzaLtyQ0ZAptGqwuyMNH4YSm1_r_zARRN9z7xyNWRsOTo1o2Tui98-2UwbfixdEvrI9_7vpMCuvh41yoKtB8qGci-hBgASLUSAxf12FUt-RoluHdCz5glrEzNOhIZwEl2AVip6xHaoDBhtXkQlmjTi7gEp4PNNJrpHq5LeZxd71gtJBIzJk74BqWYlUg--Cd1GCfcRId6S2EtQYuWndn-6W3En8N-NmL24Rr4fv033UYVXoh0e9zyrtJI0UDig1H-qPm6IrF-G7heAU45c79LLi3DGXV_GX_1i8T_1-DZbx-9I2HZmolUCU2BOeioahdWHC6ObER9af0Xe1DopnX06gHIafO2j0VArDwz4Er_ZM1teWaPah6MLUc-H7Ws3w2t7w0XS7BbLt_Aojz_UJ3gVrgByU1NZ_kXIx9X1EyE-ikC2z1maresZGoxAs-v6YJ299JaOmPuK14iurD9RNpbHcDVqRIN4VP05YMJcHihQmRhj36vRRdZgDR6izNkEMJYB-NuYoGzqhovowdDdn5jZH9r0F_8zuHn5XyKYEub4xlfEbUxntRZRIEvRKBTe7Bio0semFg7QsPMSmOjoXEfSD93dwezHlV0r7Ctm22wC7-H4xbyzR-I8UfI3M4-5sA1KGxDeVu3clFXko7PR7tZENB8vJJanC4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 297B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=2726534110511385&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 6AAF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0413
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5xDBCO5JlVUW25erRQZy5cEJ8lVHodtWKb7P8qTEBRMLqKCnpx4WNmIWDYE1CD04DEittwQ%2Fl6QFOpweNX7xLUu5MgGEQfXMF0g61LDrVo82NhfH8xvan9pev6jczvNtSBJrXeqUouvhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7681c2b94c52fb94-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0413
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y21oLBRlAv1dnrsG5Bq5pQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPKTzVdqaZ-yNivmB3pnVNU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPKTzVdqaZ-yNivmB3pnVNU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPKTzVdqaZ-yNivmB3pnVNU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0413
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56dd1a37-4dba-47d0-839f-f69969cfcfff&expiration=1670706476&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56dd1a37-4dba-47d0-839f-f69969cfcfff&expiration=1670706476&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56dd1a37-4dba-47d0-839f-f69969cfcfff&expiration=1670706476&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame 0413
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MTY29R0Y8E1F00RRKGDV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
42ZY671YTYQVWECGSG0K
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0413
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3448636d-682c-4000-85eb-b55489834e65
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3448636d-682c-4000-85eb-b55489834e65
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
Server
MT3 162 58fc253 master nrt-pixel-x1 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3448636d-682c-4000-85eb-b55489834e65
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 21:07:55 GMT
demconf.jpg
dpm.demdex.net/ Frame 0413
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y21oLBRlAv1dnrsG5Bq5pQAA%265332?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
18.136.88.127 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-88-127.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcscanary-prod-apse-1-v053-0ff9cf2f3.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
v5p9Z7VaQro=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse-1-v042-0956cf47e.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ImxAXEYoQu0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame 0413
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4156914352050536875
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4156914352050536875
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4156914352050536875
pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 0413
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=JDsLMCQwD2w_PAVtIW4QMHY6WGU_O15kJGuNEdC1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=JDsLMCQwD2w_PAVtIW4QMHY6WGU_O15kJGuNEdC1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=JDsLMCQwD2w_PAVtIW4QMHY6WGU_O15kJGuNEdC1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
ads.servenobid.com/ Frame 0413 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame 8A93 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:56 GMT
AN-X-Request-Uuid
9d0c480b-b9bc-4e96-8e39-20ed2ecdefc5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A0DF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y21oLIvjQsP17ON6-CwhMgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPKTzVdqaZ-yNivmB3pnVNU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPKTzVdqaZ-yNivmB3pnVNU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPKTzVdqaZ-yNivmB3pnVNU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A0DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y21oLIvjQsP17ON6_CwhMgAAFNcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srLFGPxPAGe8YmoNJ40AonKd1gG96orWlApQfu9M2ZlgyeOrC8hv2%2FdQoE4dMd3N7MMazvkXd%2BjStY%2Bma7iA8Q7Io%2BhCxBduAif4QcQNS8%2FHMtxhTcSvz938SjD3HWmjf2eVz06481iTyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7681c2b9acd8fb94-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECXtx1jY2SCRWVhw94-g03c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A0DF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLIvjQsP17ON6_CwhMgAAFNcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLIvjQsP17ON6_CwhMgAAFNcAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLIvjQsP17ON6_CwhMgAAFNcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G2AQ0MJ0SKV0Y6ZGX6S9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PJJ4349QEZR1H7X96FJN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y21oLIvjQsP17ON6_CwhMgAAFNcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A0DF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56dd1a37-4dba-47d0-839f-f69969cfcfff&expiration=1670706477&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56dd1a37-4dba-47d0-839f-f69969cfcfff&expiration=1670706477&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56dd1a37-4dba-47d0-839f-f69969cfcfff&expiration=1670706477&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
/
csync.loopme.me/ Frame A0DF 		0
0
crum
dsum-sec.casalemedia.com/ Frame A0DF
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683752877&external_user_id=171a1600-eb15-43f1-a6a1-6838838642aa
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683752877&external_user_id=171a1600-eb15-43f1-a6a1-6838838642aa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 21:07:57 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683752877&external_user_id=171a1600-eb15-43f1-a6a1-6838838642aa
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame A0DF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAuE2E7G2tAAAB9HYnsxyg&expiration=1669324077
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAuE2E7G2tAAAB9HYnsxyg&expiration=1669324077
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAuE2E7G2tAAAB9HYnsxyg&expiration=1669324077
Date
Thu, 10 Nov 2022 21:07:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tp_out
d.adroll.com/cm/index/ Frame A0DF 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.99.79 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-99-79.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame A0DF 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y21oLIvjQsP17ON6-CwhMgAA%265335
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
81501
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7681c2ba1d59aacb-SYD
content-length
43
expires
Fri, 11 Nov 2022 21:07:57 GMT
pixel.gif
px.moatads.com/ Frame 269D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FqPuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Uq6edntK02Wpzw%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1668114475423&de=608866638677&cu=1668114475423&m=1234&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=939&lg=1&lh=47&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2645%3A2645%3A3546%3A2653&aa=0&ad=76&cn=0&gk=76&gl=0&ik=76&ic=76&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=52&cd=52&ah=52&am=52&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AfcXwMB2nTs6cVrthL4rb7g%3ApvkqL1CYQNqIOHmY4Qm7cg&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=662460073&cs=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.229.158 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-229-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 10 Nov 2022 21:07:56 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FFC4 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46786469&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b95ea4c1bf65fbc7abe25f2d2d60b4c967622b0cc29454e8625865a2259aa64f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tap.php
pixel.rubiconproject.com/ Frame CF99 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=f6n9GGe5uqpMKYysaWdm6hnubDNkegahPr3iwPgLOZo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CF99
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe7-SkH_14PvPmwefTy1u8zkBnhjMLCA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe7-SkH_14PvPmwefTy1u8zkBnhjMLCA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGNe7-SkH_14PvPmwefTy1u8zkBnhjMLCA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame CF99 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:56 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame CF99
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 21:07:55 GMT
/
onetag-sys.com/match/ Frame CF99
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LABKAC2A-J-681G&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LABKAC2A-J-681G&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LABKAC2A-J-681G&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
onetag-sys.com/match/ Frame CF99
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6170091816546164090
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6170091816546164090
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 21:07:56 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c70901ae-b762-4043-b5f7-a14f96340e07
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6170091816546164090
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame CF99
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7499798753662301054
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7499798753662301054
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=7499798753662301054
date
Thu, 10 Nov 2022 21:07:56 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame CF99
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RHsTouTGVjK3EkAIKfumsD-i00UFKIrYhRjTcVDCgMo
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RHsTouTGVjK3EkAIKfumsD-i00UFKIrYhRjTcVDCgMo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8F7Z8PRTJW86XWTQ8R30
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RHsTouTGVjK3EkAIKfumsD-i00UFKIrYhRjTcVDCgMo
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Pug
image2.pubmatic.com/AdServer/ Frame CF99
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzBERTkzNDgtMEEzRC00RDE3LTg2NDItQkUyODMzMDIwNzIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 10 Nov 2022 21:07:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame CF99
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-tqsdVA9E2uEfkVRFcSzLEbsQay9HKNfXM91oLSo-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-tqsdVA9E2uEfkVRFcSzLEbsQay9HKNfXM91oLSo-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-tqsdVA9E2uEfkVRFcSzLEbsQay9HKNfXM91oLSo-~A
date
Thu, 10 Nov 2022 21:07:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame CF99
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame CF99
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2a715592-8309-40e7-8754-bde296fb9d4b&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame CF99 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=f6n9GGe5uqpMKYysaWdm6hnubDNkegahPr3iwPgLOZo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6AAF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qA1ioQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 799E 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
3a9d29577bed7a64912f16b601cffc79a35ae2998d1c83b7d008985d342444dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49297
x-xss-protection
0
server
cafe
etag
7973301376647237383
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 21:07:57 GMT
usync.js
eus.rubiconproject.com/ Frame F5DB 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ec4bf3e64407fef38d1bf563a09254ac3e5893ac7e2e9882b4d39ee81420f46e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 04:56:58 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=28164
content-length
9884
expires
Fri, 11 Nov 2022 04:57:21 GMT
usync.js
eus.rubiconproject.com/ Frame 4469 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ec4bf3e64407fef38d1bf563a09254ac3e5893ac7e2e9882b4d39ee81420f46e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 04:56:58 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=28164
content-length
9884
expires
Fri, 11 Nov 2022 04:57:21 GMT
match
c1.adform.net/serving/cookie/ Frame F215
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=30DE9348-0A3D-4D17-8642-BE2833020722&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=30DE9348-0A3D-4D17-8642-BE2833020722&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=30DE9348-0A3D-4D17-8642-BE2833020722&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 10 Nov 2022 21:07:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 10 Nov 2022 21:07:57 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=30DE9348-0A3D-4D17-8642-BE2833020722&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 9DB5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
42 B
115 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 10 Nov 2022 21:07:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
379
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame F67C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y21oKgAAACFEfAAW&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 10 Nov 2022 21:07:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
379
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
/
onetag-sys.com/match/ Frame 61C3
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xrmrwumu3lx
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 21:07:58 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame F441
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=K-m1TCvisRAw7rsRLryuTHno5hkw6eAYK7k4SqCn
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 21:07:58 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 633B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6170091816546164090&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 21:07:58 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=30DE9348-0A3D-4D17-8642-BE2833020722
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame 0C75 		0
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=30DE9348-0A3D-4D17-8642-BE2833020722
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 10 Nov 2022 21:07:57 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MN6TSAo9TReGQr4oMwIHIg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.207.180.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=120475
accept-ranges
bytes
content-length
5549
expires
Sat, 12 Nov 2022 06:35:52 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame FFC4
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=30DE9348-0A3D-4D17-8642-BE2833020722
  • https://pippio.com/api/sync?pid=5324&it=1&iv=79956eed2d899be5c9f7767a985a7be1b01071dfdf93a831a868241a8f0b7772791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3OTk1NmVlZDJkODk5YmU1YzlmNzc2N2E5ODVhN2JlMWIwMTA3MWRmZGY5M2E4MzFhODY4MjQxYThmMGI3NzcyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3OTk1NmVlZDJkODk5YmU1YzlmNzc2N2E5ODVhN2JlMWIwMTA3MWRmZGY5M2E4MzFhODY4MjQxYThmMGI3NzcyNzkxNDI2YjU0MTdkY2UyMRAAGgwIrdC1mwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ef60624f-350d-4056-98b0-e14eb4575272
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=ef60624f-350d-4056-98b0-e14eb4575272
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:59 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=ef60624f-350d-4056-98b0-e14eb4575272
date
Thu, 10 Nov 2022 21:07:59 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame FFC4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3448636d-682c-4000-85eb-b55489834e65
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3448636d-682c-4000-85eb-b55489834e65
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Nov 2022 21:07:57 GMT
Server
MT3 4629 97bee97 master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3448636d-682c-4000-85eb-b55489834e65
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 21:07:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FFC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzBERTkzNDgtMEEzRC00RDE3LTg2NDItQkUyODMzMDIwNzIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 10 Nov 2022 21:07:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FFC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 10 Nov 2022 21:07:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame FFC4 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 09 Nov 2022 21:07:57 GMT
30DE9348-0A3D-4D17-8642-BE2833020722
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FFC4 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/30DE9348-0A3D-4D17-8642-BE2833020722?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.170.135 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-170-135.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pubmatic
um.simpli.fi/ Frame FFC4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=56dd1a37-4dba-47d0-839f-f69969cfcfff&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPRkMZjMdxP8rLFokO71Ni0&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.126.167.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 09 Nov 2022 21:07:58 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Thu, 10 Nov 2022 21:07:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 35A0 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4871406041276183474&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 35A0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=765b60bd-cc23-42c9-a105-e2cae45735e0&expires=1&user_group=5&ssp=smartadserver&bsw_param=94338d19-45d3-4fea-a942-a84d322affc6
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=&gdpr_consent=
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=94338d19-45d3-4fea-a942-a84d322affc6&gdpr=&gdpr_consent=
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 35A0
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=085b220419ca8dfc30c01470&gdpr=0&gdpr_consent=
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=085b220419ca8dfc30c01470&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=085b220419ca8dfc30c01470&gdpr=0&gdpr_consent=
date
Thu, 10 Nov 2022 21:07:58 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
v1
match.sharethrough.com/sync/ Frame 35A0
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4871406041276183474&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4871406041276183474&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
52.220.251.156 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-251-156.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4871406041276183474&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 35A0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3107225997839085559&gdpr=0&gdpr_consent=
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3107225997839085559&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3107225997839085559&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6170091816546164090
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6170091816546164090
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 21:07:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
936dc940-8144-4d28-ac6c-12196410209f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=6170091816546164090
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidswitch
event.clientgear.com/gogocookie/ Frame 48FB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_4e3513f3-409e-4950-906a-e7acc18744ea&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=94338d19-45d3-4fea-a942-a84d322affc6
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=94338d19-45d3-4fea-a942-a84d322affc6
0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=94338d19-45d3-4fea-a942-a84d322affc6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
47.252.78.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=94338d19-45d3-4fea-a942-a84d322affc6
date
Thu, 10 Nov 2022 21:07:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a91f68eb-74e2-4d49-7787-da3732a148dd$ip$116.90.74.196
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-a91f68eb-74e2-4d49-7787-da3732a148dd$ip$116.90.74.196
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-a91f68eb-74e2-4d49-7787-da3732a148dd$ip$116.90.74.196
Date
Thu, 10 Nov 2022 21:07:57 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_4e3513f3-409e-4950-906a-e7acc18744ea&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=Tel1SNEk0Jn9VPkvWPec&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VDFNQYVGTSFNMYEU3RZKZIGW5SXKBSWG...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Tel1SNEk0Jn9VPkvWPec&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Tel1SNEk0Jn9VPkvWPec&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Tel1SNEk0Jn9VPkvWPec&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1668114477329
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8110664185
  • https://sync.1rx.io/usersync/tradedesk/56dd1a37-4dba-47d0-839f-f69969cfcfff
  • https://sync.targeting.unrulymedia.com/csync/RX-59ac803d-9811-4dd3-850b-6715a32d7b68-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-59ac803d-9811-4dd3-850b-6715a32d7b68-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-59ac803d-9811-4dd3-850b-6715a32d7b68-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-59ac803d-9811-4dd3-850b-6715a32d7b68-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-59ac803d-9811-4dd3-850b-6715a32d7b68-004
date
Thu, 10 Nov 2022 21:07:59 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX59ac803d98114dd3850b6715a32d7b68004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=03x0dOXaC44G&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=03x0dOXaC44G&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=03x0dOXaC44G&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d97b86c77-2tsfs
expires
-1
syncUser
sync.outbrain.com/ Frame 48FB
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28pwxLBINIl_2trjoZZtm7SvtMe4xG-v-jA8kUpGBmgh1x9SHD-3BB6JXDei7X0VAQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_4e3513f3-409e-4950-906a-e7acc18744ea&obuid=ENC(pwxLBINIl_2trjoZZtm7SvtMe4xG-v-jA8kUpGBmgh1x9SHD-3BB6JXDei7X0VAQ)
0
0
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c5fc7ed5-36b3-4ea7-a6c4-543588cb35ea
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=c5fc7ed5-36b3-4ea7-a6c4-543588cb35ea
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=c5fc7ed5-36b3-4ea7-a6c4-543588cb35ea
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-flWOeSJE2pd0mzFaP3h68jNldr3vKYY1xmu_~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-flWOeSJE2pd0mzFaP3h68jNldr3vKYY1xmu_~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 21:07:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-flWOeSJE2pd0mzFaP3h68jNldr3vKYY1xmu_~A
content-length
0
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=bdbb8323-fd64-495c-b36d-f8529fe1c219
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=bdbb8323-fd64-495c-b36d-f8529fe1c219
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=bdbb8323-fd64-495c-b36d-f8529fe1c219
Date
Thu, 10 Nov 2022 21:07:58 GMT
Connection
keep-alive
X-CI-RTID
8bd5329b-b19a-4c6f-ba64-bd79f9942e8d
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 48FB 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.158.42.199 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
498688819
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 48FB 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=607a995a-4a48-451a-907d-5d5c08223917
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=607a995a-4a48-451a-907d-5d5c08223917
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=607a995a-4a48-451a-907d-5d5c08223917
access-control-allow-origin
*
date
Thu, 10 Nov 2022 21:07:58 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 48FB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4871406041276183474
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4871406041276183474
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4871406041276183474
date
Thu, 10 Nov 2022 21:07:57 GMT
content-length
0
sync
ads.servenobid.com/ Frame 48FB 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_4e3513f3-409e-4950-906a-e7acc18744ea
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F1B1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120475
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 12 Nov 2022 06:35:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0094
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=56dd1a37-4dba-47d0-839f-f69969cfcfff
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=56dd1a37-4dba-47d0-839f-f69969cfcfff
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 21:07:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 10 Nov 2022 21:07:57 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=56dd1a37-4dba-47d0-839f-f69969cfcfff
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame F8AD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 21:07:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 10 Nov 2022 21:07:57 GMT
Expires
Thu, 10 Nov 2022 21:07:56 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master nrt-pixel-x10 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=3448636d-682c-4000-85eb-b55489834e65&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame EDD8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y21oKgAAACFEfAAW&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y21oKgAAACFEfAAW&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 21:07:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 10 Nov 2022 21:07:57 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y21oKgAAACFEfAAW&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11229-MEL
x-timer
S1668114477.288742,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 87FB 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV80ZTM1MTNmMy00MDllLTQ5NTAtOTA2YS1lN2FjYzE4NzQ0ZWE=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame AD2B 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.33.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-33-18.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 10 Nov 2022 21:07:57 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame A555
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y21oLMCo5tEAAOEZBfYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y21oLMCo5tEAAOEZBfYAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 21:07:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 10 Nov 2022 21:07:57 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y21oLMCo5tEAAOEZBfYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
5
X-SO-Cluster-ID
20
X-SO-HostName
a-ad40390.dc2p.scaleout.jp
X-SO-IP
116.90.74.196
X-SO-Key
Y21oLMCo5tEAAOEZBfYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":20,"gdpr":false,"ipv4":"116.90.74.196","key":"Y21oLMCo5tEAAOEZBfYAAAAA","privacy_sensitive":false,"uid":"Y21oLMCo5tEAAOEZBfYAAAAA","upstream_id":"a-ad40390"}
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-UID
Y21oLMCo5tEAAOEZBfYAAAAA
X-SO-Upstream-ID
a-ad40390
gumgum
cs.admanmedia.com/sync/ Frame 9E27 		0
0
usersync
usersync.gumgum.com/ Frame DD3F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 21:07:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7681c2baff3efb94-AKL
content-length
0
date
Thu, 10 Nov 2022 21:07:57 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y21oLBRlAv1dnrsG5Bq5pQAA%265332
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTBw9G0w%2FY760Bb2p4SUTpprlUSOoaaJLLkduMiutlATTMx2Tw%2FOn2tGPywnCVQYLg6CNccgQrLqq3pYuTJ7TYVe6nGDQ5Tnvu7m9MuGdfpTjcWtvklktJJcq%2BAcxOv%2BA8MqpVd0nBNHjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame DBB4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=nVUstsK11BeOKVr6TYex&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=nVUstsK11BeOKVr6TYex&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 21:07:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 10 Nov 2022 21:07:58 GMT Thu, 10 Nov 2022 21:07:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=nVUstsK11BeOKVr6TYex&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 494F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 21:07:57 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 21:07:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
activeview
pagead2.googlesyndication.com/pcs/ Frame 269D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCz0EW5Z1MXmc3tq-lpioYOBYfbh1_qVhFjVmkK48V_NO91gJ_XGKZKDdTe9p2pSYAYXSQdY9kreEuE8IDQssHGes8&sig=Cg0ArKJSzCfKbos3WGUNEAE&cid=CAASFeRosBUOB6UfBaqHh1tqUukXu9qJlg&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668114472886&rpt=3360&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F5DB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LABKAC2A-J-681G
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LABKAC2A-J-681G
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LABKAC2A-J-681G
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 21:07:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 21:07:57 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LABKAC2A-J-681G
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
sync
ads.servenobid.com/ Frame 4469
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LABKAC2A-J-681G
  • https://ads.servenobid.com/sync?pid=323&uid=LABKAC2A-J-681G
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LABKAC2A-J-681G
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LABKAC2A-J-681G
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/ Frame 799E 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
03638623b509735e5010b756973328dcc8a213242e3395f71988f9ad47564ada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119046
x-xss-protection
0
server
cafe
etag
11644271244977424491
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 21:07:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221108/r20190131/ Frame 65E7 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221108/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
73442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:43:55 GMT
etag
10353107486223812946
expires
Thu, 24 Nov 2022 00:43:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame 269D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FqPuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Uq6edntK02Wpzw%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1668114475423&de=608866638677&cu=1668114475423&m=2251&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=939&lg=1&lh=47&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2645%3A2645%3A3546%3A2653&aa=1&ad=1095&cn=76&gn=1&gk=1095&gl=76&ik=1095&ic=1095&ez=1&co=1095&cp=1021&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1021&cd=52&ah=1021&am=52&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AfcXwMB2nTs6cVrthL4rb7g%3ApvkqL1CYQNqIOHmY4Qm7cg&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=2064693408&cs=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.229.158 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-229-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:57 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 10 Nov 2022 21:07:57 GMT
usync.js
eus.rubiconproject.com/ Frame 494F 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ec4bf3e64407fef38d1bf563a09254ac3e5893ac7e2e9882b4d39ee81420f46e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 04:56:58 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=28164
content-length
9884
expires
Fri, 11 Nov 2022 04:57:21 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 799E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 799E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0BA5 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=1045718042&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114477511&bpp=3&bdt=498&idt=337&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&nras=1&correlator=5209430815737&frm=8&ife=1&pv=2&ga_vid=396498336.1668114478&ga_sid=1668114478&ga_hid=1030500028&ga_fc=0&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C44761793%2C44774649%2C42531705%2C44774653%2C31070763%2C44775017&oid=2&pvsid=634105456463972&tmod=1771969993&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.y3xha2ju591b&fsb=1&dtd=354
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 69A2 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=399784846&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114477514&bpp=1&bdt=501&idt=357&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5209430815737&frm=8&ife=1&pv=1&ga_vid=396498336.1668114478&ga_sid=1668114478&ga_hid=1030500028&ga_fc=0&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C44761793%2C44774649%2C42531705%2C44774653%2C31070763%2C44775017&oid=2&pvsid=634105456463972&tmod=1771969993&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b4yo2l9jenqc&fsb=1&dtd=361
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame 269D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FqPuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Uq6edntK02Wpzw%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1668114475423&de=608866638677&cu=1668114475423&m=2252&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=939&lg=1&lh=47&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2645%3A2645%3A3546%3A2653&aa=1&ad=1095&cn=1095&gn=1&gk=1095&gl=1095&ik=1095&ic=1095&ez=1&co=1095&cp=1021&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1021&cd=1021&ah=1021&am=1021&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AfcXwMB2nTs6cVrthL4rb7g%3ApvkqL1CYQNqIOHmY4Qm7cg&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=1600515486&cs=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.229.158 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-229-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 10 Nov 2022 21:07:58 GMT
usersync
usersync.gumgum.com/ Frame 494F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LABKAC2A-J-681G
  • https://usersync.gumgum.com/usersync?b=mag&i=LABKAC2A-J-681G
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LABKAC2A-J-681G
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 21:07:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LABKAC2A-J-681G
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
pixel.gif
px.moatads.com/ Frame 269D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FqPuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Uq6edntK02Wpzw%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1668114475423&de=608866638677&cu=1668114475423&m=2252&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=939&lg=1&lh=47&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2645%3A2645%3A3546%3A2653&aa=1&ad=1095&cn=1095&gn=1&gk=1095&gl=1095&ik=1095&ic=1095&ez=1&co=1095&cp=1021&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1021&cd=1021&ah=1021&am=1021&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AfcXwMB2nTs6cVrthL4rb7g%3ApvkqL1CYQNqIOHmY4Qm7cg&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=429985890&cs=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.229.158 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-229-158.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 10 Nov 2022 21:07:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 799E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
d486dd107e83c823be9e151cfcf95da6b612b6ffaf280e0a0390cc1c4dc48738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12619
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1545 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
97636d4007f50f589ee07eacba172bfd4a78f1ff06e95abc208cd904f5765c28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12482
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 04B2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
351d716c4a86384b43da1af9a76d73b36647038696f4fd8949ebecf2d985d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12494
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1545 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 799E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 04B2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 21:07:58 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=6217&cid=1490982066.1668114472&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668114473&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&dt=2021%E7%84%A1%E5%8D%B0%E8%89%AF%E5%93%81%E6%9C%80%E7%86%B1%E8%B3%A3%E4%BF%9D%E9%A4%8A%E5%A5%BD%E7%89%A9Top%205%EF%BC%81%E7%B6%B2%E8%B4%8A%E5%86%A0%E8%BB%8D%EF%BC%9A%E9%AB%98CP%E3%80%81%E6%BA%BC%E6%95%B7%E4%B8%8D%E5%BF%83%E7%96%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 21:07:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D455 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
179880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 19:09:58 GMT
expires
Wed, 08 Nov 2023 19:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9ACC 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
2631b3d38e42d675844b0ee850a32acfb8fb67b9405180040562dcfa21d3f558
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RQGHU5GkxrQD8W2fKp9aTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-RQGHU5GkxrQD8W2fKp9aTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:58 GMT
expires
Thu, 10 Nov 2022 21:07:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC9E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
179880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 19:09:58 GMT
expires
Wed, 08 Nov 2023 19:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 369F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
15db15e9e755646b82b63ad8d68444e05fa573b907d158ae1083ce9b751d230c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2LZuzWjlSO-XhXbp_Ru7oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-2LZuzWjlSO-XhXbp_Ru7oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:58 GMT
expires
Thu, 10 Nov 2022 21:07:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBDB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
179880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 19:09:58 GMT
expires
Wed, 08 Nov 2023 19:09:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B546 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
2c2009540f2ca7f7d9ca916c55dcffaa7405baccb62f863b1991c7ab73561fbe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SLqILueNhQz8JdNjlXApeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-SLqILueNhQz8JdNjlXApeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 21:07:58 GMT
expires
Thu, 10 Nov 2022 21:07:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 9ACC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=957122147077897&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame D455 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 369F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=634105456463972&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame CC9E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B546 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=3753466674931940&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame EBDB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FFC4 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame CBE6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221108&jk=2726534110511385&bg=!BgWlBUHNAAbvMpMzzzI7ACkAdvg8WgRUVT-hHodRCplz_C4KG8NllC9HEzvkH86u-BuuqGT9J3GR-QIAAABlUgAAAAVoAQcKABGujHNKwwKj8q-_CJ_RWDbRe5kC6sVhGXx33egu3rfPFuEOg0Pi9kpLSAKDRGFDAUYaFd0bsANtlBlLwlYg4kNOfzpyNi2nVaLomyAnS79pGA31tWTFMaEi0gMClu1V_Xc8vdd2SGJHK7Xu2lpAO_BfRrmVS_Lv41kaiILRrnJSIlovgAJEHck_tmQVXrJFfmcs_vBQpyoLqSfwpBPP3adASvnDqaM73Szx6c8-p76LHhZ9nJX0W1C0z9H_INPOGfdNt1Gn_bKL-BXRLll-aQMDs9p-aZ1jePhgi-_AP9zHGkljQiG3DkbOh-Ag2DSn08pqp4QuMV-GtIkdSOc64r3kAdlgpFjvUyAwi8-QCRzLT-d1RwPZj02dJAfbX9wIqhOqi_SFg0zk22KMiAbQVUveQ0Xfx2UK_sbirXw_V4-5BHhtOQHSUXLekK6W52QIYhfZHDZZaMCAI_M4yEo--5xHCFCHCe4k2r_EVY9ijTnu1HxRnzHiIgfDR6QhFjI3JzL0zTs91p8A73NGUOIdxfWRsvC_h13VV5vlOa3mGkfguXQ-j-7ioYj-S2bAeQUHEo5IvkAJjVKspIQ9-zujjmN1AqO23ASHD2cBHH_YZSSUin3P-WZvEMb0v8lB6uJbUBksfkvYrodqmWguSnxezt6hK-yN0UD9nqbBnVJzB5TcF24raDKn7SyKNzaXVgZa-NoE_qz3phzCJDxqkjWmitKPx65ObuPBGC-4eeOO13LpOkrFzki58EFpN53Opn4GHTcOjO1a0Fxwv4ww307I0RPWaRuOzGzJaybeISDSTrdkvnpna3UcAQDyEWV4-EnTIBULwKt5t5E1vG7mF0Tp_HQrXL4wtE6t2Qv4wcPjZh3dVOJT0xE25-m-48sCDBwzPkHPmtiT9Htwqzl6hZFhp3jEvvqgY1m4oNaRmqgPfC4rl7t8Hf3TI7DsKK3xUcPctVhdGzlIw20cqmOxykmHmjxuG35SxTycu3O_cXmNGZOxThFdmiN4ScYlw4MsZE6z
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D455 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kdWXRw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame CC9E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3Sr7Dw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame EBDB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YOXhWg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 21:07:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
18bdd6989ab8303b9e1bd215b56815f2.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/18bdd6989ab8303b9e1bd215b56815f2.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame C16F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fp.holmesmind.com
URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4967-pHwpMgtIGajgBzTHsRx0xTNJR2IFG1xF&CFFPCKUUID=2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&maindomain=www.bg3.co
Domain
fp.holmesmind.com
URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4967-pHwpMgtIGajgBzTHsRx0xTNJR2IFG1xF&CFFPCKUUID=2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&maindomain=www.bg3.co
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEHchHfRiodgi9nlSmR2JHIY&google_cver=1&google_push=ASkJ3FaP9hiG8TT-mYkiF2qpIxaY6AT1NOtLbWtNZPOh21YwdMyO5ZjJKpUhkWdpGsQrVuc8niN5BvMuQCWFOzLvm9RIwkWHNdFhWZMsoa_JzkYxo5vs3spj3fNnDq6SJFzgLyz9NXul1HJq
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEHchHfRiodgi9nlSmR2JHIY&google_cver=1&google_push=ASkJ3FaHWzi_zgrdnkjP-QVcZxIuprBZW6OUiHkSptHmoGxBnGjflkuVTHTKj4uWZ8-UY_hKPYiBylYbkg8IlJUMGezMHA73KSwsYnkKh3yA571Vum5lhOP3IUyMUmWfAYwoTlhaMFYKsOrXZ-aA8zD15w4
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232923304331012879751&ssp=medianet&gdpr=0&gdpr_consent=
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232613304331012876708&ssp=triplelift&gdpr=0&gdpr_consent=
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_4e3513f3-409e-4950-906a-e7acc18744ea&obuid=ENC(pwxLBINIl_2trjoZZtm7SvtMe4xG-v-jA8kUpGBmgh1x9SHD-3BB6JXDei7X0VAQ)
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85032221&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString object| adRecover number| ampAdSlotIdCounter undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| _qevents object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions undefined| google_measure_js_timing boolean| descriptionPage object| criteo_syncframe_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| dataLayer function| gtag object| google_reactive_ads_global_state object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_tag_manager function| onYouTubeIframeAPIReady object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

148 Cookies

Domain/Path Name / Value
s.c.appier.net/gcm2 Name: _lastau
Value: htYw
.3lift.com/sync Name: sync
Value: CgoIoQEQxtf7msYwCgoIgQIQxtf7msYwCgoI4gEQxtf7msYwCgoI5gEQxtf7msYwCgoIhwIQxtf7msYwCgkICRDG1_uaxjAKCQg6EMbX-5rGMAoKCIwCEMbX-5rGMAoJCF8Qxtf7msYwCgkIHxDG1_uaxjA=
a.c.appier.net/gcm Name: _lastau
Value: htYw
.aralego.com/ Name: sspid
Value: 70e82f2e-4c30-3e86-8bdd-5a51bf474921
www.bg3.co/ Name: __AP_SESSION__
Value: abe3b419-4ce5-4930-8392-51759d2dbebb
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: bbf936b0-613b-11ed-9d09-000d3ac81042
.adpushup.com/ Name: ap_usid
Value: bbf936b1-613b-11ed-9d09-000d3ac81042
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: e16de5fc-b721-4906-9b69-8c3024bc0751
www.bg3.co/ Name: CFFPCKUUID
Value: 2951-yV8UuuWXdZA0ji5MDDIWXgtlXJIe8ugk
.www.bg3.co/ Name: CFFPCKUUIDMAIN
Value: 4967-pHwpMgtIGajgBzTHsRx0xTNJR2IFG1xF
.hinet.net/ Name: uuid
Value: 6fb072e4-4c1e-431c-a844-c55c93891445
.openx.net/ Name: i
Value: e16de5fc-b721-4906-9b69-8c3024bc0751|1668114471
.bg3.co/ Name: __htid
Value: 6fb072e4-4c1e-431c-a844-c55c93891445
.holmesmind.com/ Name: Vision
Value: 20221111-23:59,20221111-08,20221111-08,20221111-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 456579-kQlv7Vs2qZcAAHdHzjquRtLn5SuUIyo3
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwp9C1mwY4AUABSAEQp9C1mwYYAA..
.adnxs.com/ Name: uuid2
Value: 6170091816546164090
.omnitagjs.com/ Name: ayl_visitor
Value: 7a5ade5c7b17867390c8bd568bc338f4
.rubiconproject.com/ Name: khaos
Value: LABKAC2A-J-681G
.bg3.co/ Name: _ht_50ef57
Value: 1
.teads.tv/ Name: tt_viewer
Value: 9b54b6aa-512e-46b8-a3a5-3d37abde6b99
.bg3.co/ Name: _ht_em
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn48KMZ9aS_XNTxN912in5DY8-T1RPwCtkdbnQQ3hhmSR4Jz77GApaKpr15dFs
.quantserve.com/ Name: mc
Value: 636d6828-4893f-dd2e1-3c06c
.bg3.co/ Name: __qca
Value: P0-1656673778-1668114471388
.bg3.co/ Name: __gpi
Value: UID=00000b7945076446:T=1668114472:RT=1668114472:S=ALNI_MZ-oi8wXW6Zm0XDa38gSgoFMjYGmQ
.c.appier.net/ Name: _auid
Value: _wSXjIuSB4eMb_DEKGhtYw
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1668114473.1.0.1668114473.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1490982066.1668114472
.bg3.co/ Name: __gads
Value: ID=8fe6acabe8f5ef0d-226bb75f41d8009f:T=1668114472:RT=1668114474:S=ALNI_MawWPXis_lA-lelLIPOCaaTV6wU9Q
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y21oKgAAACFEfAAW
.mediago.io/ Name: __mguid_
Value: bb27a829ff4724e86abfaf639461bd10
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 30DE9348-0A3D-4D17-8642-BE2833020722
.uncn.jp/ Name: t
Value: v_468e7e27-a6f9-4163-af1b-dfbf34ab7c3e
.yandex.ru/ Name: yuidss
Value: 813774261668114474
.yandex.ru/ Name: yandexuid
Value: 813774261668114474
.adingo.jp/ Name: ID
Value: 190e32f41106a12deff36d5782214722
.openx.net/ Name: pd
Value: v2|1668114475|jElYiuvOiahI
.yieldmo.com/ Name: yieldmo_id
Value: g6fd9bdf7dd1854adb54%7C1668114475369%7C0%7C
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22254d5380-3574-4952-8788-e6f2ac115ea2%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-10T21%3A07%3A55%22%7D
.zemanta.com/ Name: zuid
Value: Tel1SNEk0Jn9VPkvWPec
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a91f68eb-74e2-4d49-7787-da3732a148dd.S8fB2ejxPiUuK6wYyb3oxwH7KGWkPjTkvjWG%2BICCV24
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AqR9o63TiTUl3h9o3MqFI3XRaSsQ.EZ4KYq6K86jlk4Dn5TBs4CTVfAAPAB%2FrWd3vZByfUIU
.3lift.com/ Name: tluid
Value: 4022732964400508323397
.adsrvr.org/ Name: TDID
Value: 56dd1a37-4dba-47d0-839f-f69969cfcfff
.media.net/ Name: visitor-id
Value: 3111160757443616000V10
.openx.net/ Name: univ_id
Value: 537072971|1f6509d4-566f-41d3-a44a-aca812e792f7|1668114475948726
.casalemedia.com/ Name: CMPS
Value: 5332
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY4MTE0NDc2fQ
.ladsp.com/ Name: cr
Value: 1
.turn.com/ Name: uid
Value: 4156914352050536875
.smaato.net/ Name: SCM
Value: 9a078c3b
.smaato.net/ Name: SCMg
Value: 9a078c3b
.sharethrough.com/ Name: stx_user_id
Value: 6213bc22-4403-4cf5-8294-724969c47b69
.socdm.com/ Name: SOC
Value: Y21oLMCo5tEAAOEZBfYAAAAA
.fout.jp/ Name: uid
Value: lJsCmGTyoltawmX9YgoPERF2eAc
.mathtag.com/ Name: uuid
Value: 3448636d-682c-4000-85eb-b55489834e65
.media.net/ Name: data-a
Value: 6170091816546164090~~8
.bg3.co/ Name: cto_bundle
Value: PP5LDV9ja3F5ZkR6eUkyU1VjWVQxa0tzakRLSmVMQ2hYYkZWOUVsQjBhTVczMVYyOEZ4QyUyRkJGbzZwNFpkJTJGa1ZxQjRkem1XNWtlS2RRN2JjJTJGSXBhSzdqS0J6S0FLWTY3JTJGdUdSJTJGJTJGckllNkNjMmI4RSUzRA
.bg3.co/ Name: cto_bidid
Value: O3Y_6V9Ub05mQ2dRWXNhb0VKbHV1cjVBdXRPWHFsRTgyMDFQUFhzUk9HaTUwdFlSMnFQMk1ndU1EaHg4c1VFemYxY1hFa0olMkY4VzdDTW1iUkFNeEZ2NVMzeDd3JTNEJTNE
.ladsp.com/ Name: smn_uid
Value: mrVHCdUt-QoVM5rWBEOCJA8BtL58PUY
.ladsp.com/ Name: lum
Value: CNPb-5rGMBIFCAMQ0AU
.bing.com/ Name: MUID
Value: 28545E0733BF609D19024C5F328D6168
.c.bing.com/ Name: MR
Value: 0
.bidswitch.net/ Name: c
Value: 1668114476
.bidswitch.net/ Name: tuuid_lu
Value: 1668114476
.media.net/ Name: data-o
Value: faedb33a-b5a6-4c11-a2f0-3ab6f274a670~~8
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.a-mo.net/ Name: amuid2
Value: 3c87ce0e-e654-4dcc-bbda-49a5d0c5f009
.prebid.a-mo.net/ Name: sd_amuid2
Value: 3c87ce0e-e654-4dcc-bbda-49a5d0c5f009
.ads.pubmatic.com/ Name: KCCH
Value: YES
.onetag-sys.com/ Name: OTP
Value: RHsTouTGVjK3EkAIKfumsD-i00UFKIrYhRjTcVDCgMo
.linkedin.com/ Name: li_sugr
Value: e9247e92-4488-462a-a08f-a7e7d31cbbb7
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b5285125-26a7-4a91-8542-af4a9a1c8640"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2415:u=1:x=1:i=1668114476:t=1668200876:v=2:sig=AQF-Fy11vnXdfuv_oXjCKBq_U2sADGXQ"
.media.net/ Name: data-mm
Value: 3448636d-682c-4000-85eb-b55489834e65~~8
.media.net/ Name: data-ttd
Value: 56dd1a37-4dba-47d0-839f-f69969cfcfff~~1
.w55c.net/ Name: wfivefivec
Value: BY25HUeh1OTeMc5
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1669248000%3A197_201%7C1668643200%3A164%7C1668124800%3A174
.media.net/ Name: data-g
Value: CAESEKbao6o61ar8NcWdLtnmowg~~8
.bidswitch.net/ Name: tuuid
Value: 94338d19-45d3-4fea-a942-a84d322affc6
.pubmatic.com/ Name: SyncRTB3
Value: 1669248000%3A220
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^2^0
.pubmatic.com/ Name: pi
Value: 159706:3
.analytics.yahoo.com/ Name: IDSYNC
Value: 194o~287x
.servenobid.com/ Name: pid_312
Value: 6170091816546164090
.servenobid.com/ Name: pid_333
Value: Y21oLBRlAv1dnrsG5Bq5pQAAFNQAAAAB
.smartadserver.com/ Name: pid
Value: 4871406041276183474
.gumgum.com/ Name: vst
Value: a_4e3513f3-409e-4950-906a-e7acc18744ea
.servenobid.com/ Name: pid_318
Value: f6n9GGe5uqpMKYysaWdm6hnubDNkegahPr3iwPgLOZo
.w55c.net/ Name: matchmedianet
Value: 5
.quantserve.com/ Name: d
Value: EBMBFQHFJ4EO-TC_vLEA
.servenobid.com/ Name: pid_337
Value: y-ygj3oPlE2uEfs_5n0Ivk1ejDbWoxw34BgGH1Ueo-~A
.servenobid.com/ Name: pid_339
Value: y-l8fjXqFE2uGnDlzFVGQnFb9nYFFgZyMr5H_5mN8-~A
.bluekai.com/ Name: bku
Value: ikG99YNGqVBdmT6N
.bluekai.com/ Name: bkpa
Value: KJyWyWaFZp9D9mO4yTf+R+B6mNuEi4Weyf1C4gjMlyCOVox6Z6/b34FNdjfUXtB8j7ppIrwUI4Hs0lUMEcl8gZXdyle8aT5kd7j4Er4ftIdcTI2SzaWyPEONlv04+d7odd/IlHfE6dp7FVe3RNlrbI5+noQbUMIV0lxrZJ37bdDTpjKY3RvgDXsk3PMEkovS2rYtixXZ1Iit6+Lyh+uEyKe9JVNB5GKt82vR4cYzo1GJhgJbHjmJtxGyk9O1PijEf/qKRceQDZXhLON0c3lhLH6bM0cv7VKteRsW/2rGUQ7sRd4uxoz0Vm6iC+bjzKFyHVjqmVJqDLjEQb0FsNdvcVGw/04W0AsjSR5bepVUyrx9Jj1+8QQNkyvgLDrJCvjGMRd+G973HeFDWxu7pZxwR0jWcDWAvzJIeIJg9c3l5AT=
.rlcdn.com/ Name: rlas3
Value: mnvSUOAfhiXdBVMZA7uIUyFlM8CgaapYTwXJB2aCgUk=
.rlcdn.com/ Name: pxrc
Value: CKzQtZsGEgUI6AcQABIFCOhHEAESBgjtuSsQAA==
.company-target.com/ Name: tuuid
Value: 171a1600-eb15-43f1-a6a1-6838838642aa
.company-target.com/ Name: tuuid_lu
Value: 1668114477
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZhaGhiYm5uZGkKAMVx3SoQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTG2NDA2NjA3MzQ0MhbiM9QN8wiOd3E0LSrMNMkCAM5L6YAlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTG2NDA2NjA3MzQ0MhbiM9QN8wiOd3E0LSrMNMkCAM5L6YAlAAAA
.yahoo.com/ Name: A3
Value: d=AQABBCxobWMCEPzb73IZfN43NY5WfgEq0kgFEgEBAQG5bmN3YwAAAAAA_eMAAA&S=AQAAAu5-kQ2UGdKZOYJ2H_en-78
.servenobid.com/ Name: pid_316
Value: 30DE9348-0A3D-4D17-8642-BE2833020722
.media.net/ Name: data-xu
Value: BY25HUeh1OTeMc5~~8
.servenobid.com/ Name: pid_317
Value: 4871406041276183474
.mookie1.com/ Name: id
Value: 10523223482756687237
.mookie1.com/ Name: mdata
Value: 1|10523223482756687237|1668114477459
.mookie1.com/ Name: ov
Value: d68d40120397db24c519d860e95b85d7
.mfadsrvr.com/ Name: tuuid
Value: 26f40fd5-bf30-449b-94af-dddee1504444
.mfadsrvr.com/ Name: c
Value: 1668114477
.mfadsrvr.com/ Name: tuuid_lu
Value: 1668114477
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-63cb6011-8ffd-429a-9d8e-327998fde7a4-004%22%2C%22zdxidn%22%3A%222057.4%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3111160757443616000V10%26type%3Dr1%26refUrl%3D%26vid%3D81144760273111160757443616000V10%26ovsid%3D%5BRX_UUID%5D%22%7D
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.lijit.com/ Name: ljt_reader
Value: FoTzDLZHPcUPQSFcQZuP4ONZ
.servenobid.com/ Name: pid_309
Value: a_4e3513f3-409e-4950-906a-e7acc18744ea
.media.net/ Name: data-rk
Value: 1921700046369469050~~8
.demdex.net/ Name: demdex
Value: 12975667986446599981909803539923337577
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.adsymptotic.com/ Name: U
Value: 5fd3159fbcd87bfcca2226bf1d086220
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3b414a2e-2a15-36c1-b99d-088d49c2221e
.bidr.io/ Name: checkForPermission
Value: ok
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCPiG9b612qE7EAUSFgoHcnViaWNvbhILCMiGwcO12qE7EAUSFwoIcHVibWF0aWMSCwja1arItdqhOxAFGAEgASgCMgsI6u6t-svaoTsQBTgBWgthZGNvbmR1Y3RvcmAC
.ambientdsp.com/ Name: _aGeoIp
Value: NZ-Auckland
.ambientdsp.com/ Name: _aUID
Value: xrmrwumu3lx
.casalemedia.com/ Name: CMID
Value: Y21oLIvjQsP17ON6-CwhMgAA
.casalemedia.com/ Name: CMTS
Value: 4954
.casalemedia.com/ Name: CMPRO
Value: 5335
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIs19EZL8M/AnXrd8oPN4aCOjr5BZNoqU4dyQQqYXRR/ytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.amazon-adsystem.com/ Name: ad-id
Value: A0wllPoStkEwnsTPQXctqiM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adform.net/ Name: C
Value: 1
.servenobid.com/ Name: pid_324
Value: 1974054390330761123
.smartadserver.com/ Name: csync
Value: 139:0
.media.net/ Name: data-r
Value: LABKAC2A-J-681G~~1
.simpli.fi/ Name: suid
Value: F8D63E0D650F4D469FDEA0DB4926F592
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y21oKgAAACFEfAAW&KRTB&22978-Y21oKgAAACFEfAAW&KRTB&23194-Y21oKgAAACFEfAAW&KRTB&23209-Y21oKgAAACFEfAAW
.pubmatic.com/ Name: PugT
Value: 1668114477
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-56dd1a37-4dba-47d0-839f-f69969cfcfff&KRTB&22918-56dd1a37-4dba-47d0-839f-f69969cfcfff&KRTB&23031-56dd1a37-4dba-47d0-839f-f69969cfcfff
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:3448636d-682c-4000-85eb-b55489834e65&KRTB&16736-uid:3448636d-682c-4000-85eb-b55489834e65&KRTB&23019-uid:3448636d-682c-4000-85eb-b55489834e65&KRTB&23208-uid:3448636d-682c-4000-85eb-b55489834e65

32 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202107/4aa76d07cfc339394516ee385aad5a8e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202112/e738d0a18b6c4097de3c1cd10e5a2699.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/030c674cf3948117740aab3379049b4a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202201/bc9ca93eafab70825b460adb96e72249.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/48faa555f8149430f7174815bf373340.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a045a7917f9570f433776ba43c4f3a0e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/04d6da6f2fe5fbdb8914fe81a3a9bc85.jpg?w=800&h=744&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/287775f336d435affef19b5fa8067913.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/11cd9225b64ec69ca292342f1f5ca4b4.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/897d1b6ad6c3f125aaec08e09a3444eb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/cb2410ab401502c3b601cde9423e5c6c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/a4f2e81d200854833ad9f98dbf800d8a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202204/89bd1661cf469eb9390e6891448788d6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/7d65bd5f48dc11950762715b01b54794.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/1c4650a264630a4d596339a7d0bea1ad.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/2d9f2b9545207b04af5f6e99af94eb89.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/592ef6862207a2cadd687246d57d89aa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/dead7223960c14d996503db78b522848.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202201/c179fd45253101eea2e5dc377fecc523.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/8a18a68d72fcb254065258d9ffba43bc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a2f6dcb50531dc8980f68638a9acf6e9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/e54b6e8f7511569a96ac368c0d1f888f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e64ade74b4341d0ca83f20035518eb88.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-24420241173898449524&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3176&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=6217&ga_cid=amp-sQbmasO-OozquhJUa0xREg&ga_hid=6217&dt=1668114470110&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2021wu-yin-liang-pin-zui-re-mai-bao-yang-hao-wu-top-5-wang-zan-guan-jun-gao-cp-shi-fu-bu-xin-teng.html&bdt=3212&dtd=539&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvMjAyMXd1LXlpbi1saWFuZy1waW4tenVpLXJlLW1haS1iYW8teWFuZy1oYW8td3UtdG9wLTUtd2FuZy16YW4tZ3Vhbi1qdW4tZ2FvLWNwLXNoaS1mdS1idS14aW4tdGVuZy5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://z.moatads.com/appierdisplay844822012038/moatad.js(Line 138)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=1045718042&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114477511&bpp=3&bdt=498&idt=337&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&nras=1&correlator=5209430815737&frm=8&ife=1&pv=2&ga_vid=396498336.1668114478&ga_sid=1668114478&ga_hid=1030500028&ga_fc=0&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C44761793%2C44774649%2C42531705%2C44774653%2C31070763%2C44775017&oid=2&pvsid=634105456463972&tmod=1771969993&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.y3xha2ju591b&fsb=1&dtd=354
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=399784846&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668114477514&bpp=1&bdt=501&idt=357&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5209430815737&frm=8&ife=1&pv=1&ga_vid=396498336.1668114478&ga_sid=1668114478&ga_hid=1030500028&ga_fc=0&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C44761793%2C44774649%2C42531705%2C44774653%2C31070763%2C44775017&oid=2&pvsid=634105456463972&tmod=1771969993&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b4yo2l9jenqc&fsb=1&dtd=361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEHchHfRiodgi9nlSmR2JHIY&google_cver=1&google_push=ASkJ3FaP9hiG8TT-mYkiF2qpIxaY6AT1NOtLbWtNZPOh21YwdMyO5ZjJKpUhkWdpGsQrVuc8niN5BvMuQCWFOzLvm9RIwkWHNdFhWZMsoa_JzkYxo5vs3spj3fNnDq6SJFzgLyz9NXul1HJq
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://static.bg3.co/imgs/202107/18bdd6989ab8303b9e1bd215b56815f2.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42f95592a5fb3e0cd0317841c59bbdb5.safeframe.googlesyndication.com
4d90290c27e89bcfa83106bb27daa176.safeframe.usercontent.goog
6cf59245a9f875c35fded5efdce5f28a.safeframe.googlesyndication.com
6fb072e4-4c1e-431c-a844-c55c93891445.t.ssp.hinet.net
a.c.appier.net
a.sportradarserving.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.appier.net
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bi.adpushup.com
bidder.criteo.com
c.bing.com
c.holmesmind.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.besafe.global
cdn.doubleverify.com
cdn.holmesmind.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-35465494912996878335.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
ds.uncn.jp
dsp.nrich.ai
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fp.holmesmind.com
g2.gumgum.com
geo.moatads.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.scupio.com
public.servenobid.com
px.ads.linkedin.com
px.moatads.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb0.doubleverify.com
rtbc-ae1.doubleverify.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.c.appier.net
s.company-target.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.fout.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.ssp.hinet.net
tags.rd.linksynergy.com
tg.socdm.com
theta219.rtb.appier.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vst.c.appier.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
y.one.impact-ad.jp
z.moatads.com
cs.admanmedia.com
cs.chocolateplatform.com
csync.loopme.me
fp.holmesmind.com
image6.pubmatic.com
odr.mookie1.com
sync.go.sonobi.com
sync.outbrain.com
103.132.192.30
103.229.10.247
103.229.205.242
103.231.98.194
103.231.98.196
103.231.98.197
103.254.153.194
104.16.87.20
104.18.12.76
104.18.13.76
104.18.19.126
104.18.98.194
104.211.156.162
104.254.148.252
104.254.151.68
104.26.3.91
104.26.4.103
104.65.229.158
107.178.254.65
129.158.42.199
13.107.42.14
13.112.54.241
13.251.2.7
13.33.33.118
13.33.88.20
13.33.88.84
13.35.8.124
13.76.45.37
139.162.58.205
139.5.84.243
142.250.4.132
142.250.4.155
142.251.10.101
142.251.10.155
142.251.10.156
142.251.10.94
142.251.12.132
142.251.12.147
142.251.12.155
142.251.12.94
142.251.12.97
145.40.89.200
151.101.193.108
151.101.194.49
152.199.39.108
169.197.150.7
172.217.194.132
172.217.194.154
172.217.194.156
18.136.127.148
18.136.88.127
18.138.18.111
18.139.170.135
18.155.68.107
18.176.202.191
18.182.216.82
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.31.5.52
185.183.112.155
185.184.8.90
185.84.60.30
198.8.71.130
20.212.157.225
202.232.238.37
202.241.208.52
203.75.214.136
204.79.197.200
209.191.163.209
209.191.163.210
209.58.188.181
210.59.219.181
213.180.193.90
23.106.127.164
23.106.127.39
23.106.127.53
23.108.98.205
23.207.180.199
23.207.180.23
23.207.181.216
23.207.181.47
23.213.140.31
23.52.171.120
23.52.171.88
3.1.173.93
3.1.99.79
3.113.206.37
3.126.154.37
3.210.61.234
3.228.33.18
3.33.220.150
34.107.148.139
34.126.167.117
34.149.43.113
34.199.177.9
34.246.45.103
34.95.67.231
34.96.119.68
34.96.71.22
34.98.67.3
35.190.60.146
35.201.76.93
35.208.249.213
35.213.109.249
35.213.117.18
35.213.12.39
35.213.93.179
35.244.159.8
35.71.178.8
35.72.192.39
35.79.10.95
37.157.4.28
47.252.78.131
50.116.239.135
51.68.39.188
51.79.234.100
52.196.174.187
52.220.251.156
52.38.91.115
52.46.128.147
52.73.135.52
52.74.13.196
52.74.177.209
52.84.45.81
54.179.133.159
64.120.88.131
64.202.112.63
65.9.164.73
67.199.150.85
67.220.226.232
69.16.175.42
69.173.144.139
69.173.158.64
69.173.158.65
72.247.127.219
72.247.81.178
74.118.186.44
74.125.24.95
74.214.196.131
8.43.72.98
84.17.37.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03638623b509735e5010b756973328dcc8a213242e3395f71988f9ad47564ada
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
03a341ac7d5ff6045bbde5c16b6b56d840d26620de95ba34206219304e59134f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0736033dafaea5a36203b95b7562afdd3559a4c9edf234339a886347cd032bea
0825dd11880b60c89dc7bc575774ea91d035bea7e6870a2db796e795f3abaa41
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c73004a0aedbaafb511c76e927d6477a191dc8861d0191d2aca72a9182557b8
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e
0e9ee67a77f6247ad33e28d7f97576cadb449f7bc925719c995dbb030bc2f07c
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1585c46b01f38eed21e4ee53e347673bdfc3fc7dc397a8d5d7a2a3c30a0b9611
15bcadb21c1c7bbdb452fef43f73bd090f4ba0269a4bf58cf8fe64542d7c3f38
15db15e9e755646b82b63ad8d68444e05fa573b907d158ae1083ce9b751d230c
180da74ce9375ca42602791a0da2469f12bd1893cca6c842d6261047f6f05905
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188e573bf1e6355ef4c477989d3871b5bad7e45ac71628ad3a3139284b1e0229
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
2073a3508a01afc475ea2d624503aa832e60d3c6c0c78df40ece7170f24d88cc
212beb7aeaeae945e3f9b76004b2a50b1f4ad0489fb84c40e3d5c47e7c6281ce
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
2238ad5567c5fac17e4d86c0c9eee7fa8c3b37ac1e25817082b7a290a40d3fac
2616a3d5bbd9c85307a942baee15442e8e31a396bb583edea0cd8955de075e1b
2631b3d38e42d675844b0ee850a32acfb8fb67b9405180040562dcfa21d3f558
2667726471c962777e9f47fb7a418b0d28ad67a63c26b5c214d6f0fc1f85d0c3
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2a6b050dfbee40d9b3dec339c654771ddd057faa8cec3cb3ae9b5b03be10f50f
2b21f4d2f2e77d87240629cf2e5cc47363788802f79274dfdf0e01773f2eca7a
2c2009540f2ca7f7d9ca916c55dcffaa7405baccb62f863b1991c7ab73561fbe
2cbf9cbf225c591c9cb4555fafd7d778368ad987d601a1e26e1776a30add9db0
2cc7ad74dbcaa64296359bbb41713809f3b8c5121ae7a085b77eb0ed024a7209
2da557c408a9077ec01fb5fc9a684037d5dd35da6b988cd773b0675de84a10be
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32bad9d978b91acf980046287d7b0db7a7fe4cd06c4aae6429a4a42e76c84fe7
330f76ee720927481e92c4f344a43bdf66af209bb74aad6be1ceaf75092928df
34b9ad4d1f0a316301ee8754d5edc256ba50735e9e30ea552743abbdcffbc158
351d716c4a86384b43da1af9a76d73b36647038696f4fd8949ebecf2d985d89d
35616769c01332cf833787014f945cd785bddac1fd97dd7040a26e66dd3abd94
360fc1d8a69fa3854fac98a563f8dbe6da26440e82c6fa77503db7574ae98fe1
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36965e85261fd2479e2e9dc7c244c8e724ede0fc8dc428042e323ab4e5e43079
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
38ee8c2399ccb334265b60b61a53e83a12ba38ea227833abb7447106ec85ac81
3a9d29577bed7a64912f16b601cffc79a35ae2998d1c83b7d008985d342444dd
3c1886ac9867da46d6c05ca1a0df4d0634b055826d142b12387e0b4fb483ae39
3c73a0cfd4d0058fe2374484019ef7ba096708d415f7435b19d4fc9cdd0807c7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e0cccc8f03ca68b73e670679b1eb68c6d62fe1a2cfc62d9a897f61c2300e62e
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
3eeb055d7d06c17cd648bdc6c32520c00d74a04c86007ed40820b0133ee01c4b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fee35a6dd4250c39c35bf3db731a9c76184b7474d81f9f1b1695a53af56238b
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473d9e8564b9e81541deb27a43875aa1d86343582970dfa13628ab7bc3213f4e
47e225325ff5b91b88594d0652de8e772978a65f5e1d0cabe9770e71e051fb78
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b7f8cebac80f2335a4c7b6e7dafdbd253dbf28611433a96f14507adc3ce0685
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f5e727a9d7b03885da2c56f5068d2c2a2c7bbcd4327f4a8a2de58fa554b895d
52ea111d025f140e2e86905df4d3d92f55f6542b6b0876a523637d0dcedcf923
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5655d27c5f4ca148bc9027710b85b914bcf13c1e39e40c0bff5a95fdae5fecec
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
59137467b97878a05285b5b6ccb9a0e0d0b3453b550ddbb712b220a53e26fb5f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bff3c9020196c978136024d8f0db053f1fc4d20ce5035403188229c8a6ff8
63af0192ee2fd131b1b79cf8097cb830e3dc9b29580fb378fa089bf0340adfc2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6a9ad5b3dc3f39261bb8a47eba3d5069eb3fc143556f549b3974323f6060219d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d78568ee5a1580188eb3ad7cfa140fa222f344f5bfe3410098d7356f4a45123
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
70005a712e48e89c3f725b20b3b0922ef5f13625407a0b5c3dd77daf42d95f63
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
78d6f1b327c0d1ac06368376af263d0c65090b036cd323e4d2a065d62b59ea74
7b1748e516872d3ec44b5f5dd98131d5cf81f6e1821a7a6d0f886bc28720aa23
7d87f62f95256c5f24a92d25bb2320da4b98501415c59425a9d8c59ee48b13cd
7e5350a0771dea87efbb0409d4dc69be050a461ba8b958d5c05896da05747f3c
800fbe7a12b2a4295f70d2a15dd5ad0b2c7c1b549d3df231a2f2d0c3bd01aa1a
8241200aa4bc5a8825c62ce3504d7c4a7a338dced63c39f3eb7a594be2b71c42
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
851558ebaa88997a3b75a2cfe274783b8ed612ff3a44dff795f8e601b3695f88
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
89a3cd86231932c1f0588ac9327257c7e7102f9a4252fcaa4ad2269c486a53b1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
920b421933daabde5596f2c24fe6db87ce1969b9e760f3797a8e4f38cc223058
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92df956ef7b4af82ea32c728076b655c2896720a1cb70209082230866eb07132
92ed147fc15d3c39f07e271e6f81abbc19e102bddfd92deea299d5b84bef38a1
95a43f4161fe6b9c9676568c252f1f60b1ac711eef95ad759f028ebc618043ef
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
97636d4007f50f589ee07eacba172bfd4a78f1ff06e95abc208cd904f5765c28
982ff00d81991ea6c91cc9c591984c5e744efd338ad55a33b7f4931020a2eb67
988bdc7e08d1098034e64026c476192d1118dec005282e25758ff622f581d516
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d10843b73211d37c1e21416b91114de626394eec8fdfd3ee51ad4de8de89107
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a22c4379a72780394819a42e4a91f08ab18186fbc2aeaa6f499dee237e348983
a27c73819fe99b34fa977efd88545f3a6fd51e7bd5a741ce25f38f0fa7e6630c
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a782b4620679d8903a0ba5e8476140524c70aa3bf951c93ec14be7c4f9ffaeda
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ad1e0186c57ad18e9e1cdbb41ec1767ce7296a2b46d7f09cc2bdc2db6aec5c70
b093f197371c0571499c72a87f7cffe71da3c92abaa997faa322ae1c9011aadc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d37eb29de4816d5b8e770ab5290b0bc02f47b852cd98ad7e3883ebc8fafb00
b448a1e16c1c927fb6883b941fe66c06445b659c36d2f1628e1a76935c46ca2f
b699e00d325cf47de93d54ff356a3c0dac7de9cc403291611dfe91886347a424
b95ea4c1bf65fbc7abe25f2d2d60b4c967622b0cc29454e8625865a2259aa64f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfa58d1390a3dcb8f858cc54c5249f1461569a963b1a6d55d4df0078a492fada
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c39ef5c9f962bed009fa52d7e2a30b91554eb8e8805c28062f881a0c760a3d7d
c3e473d479b570c98cb31c0e98bb2d7ae6284dbfd0e2631bfa4718b9157fdf8d
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87
c9545fac0e8761788301b87913a9c8a7ae5c6297e3a26848df3e2f33cd27134e
ca0404884e5bc4e5fe03fc250e28205df4490a2a3fa71cefe279a0ba3ce35011
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cdc2b7d18ef7a5fdb1049f1ff8d9da243edfd22274875f9a75e23932a04c01ab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1e42ca077348ce1f284a0e106d6c501b2735ef1f8404da46f863d48a809767d
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e
d486dd107e83c823be9e151cfcf95da6b612b6ffaf280e0a0390cc1c4dc48738
d50cb19b0ef8095ffca4eb5a2316bcb2ffb1cd990976fbe0d4df9ab8ef3b620b
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d64b46dfea210d9a12deeae54f451ae367119ce81eac197fa12ed5d3e4aa7d8d
d91801c6714d7619533ad7512ae9b8588d51e38b70e9bfc6739a5ee7d5e8359f
d9cf1bdc04ec9e82f94d73bc3841aa4dbd39309e1f7f647b7b01108eaad00c24
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
db3bb0331e0217a9b13adc92afdce74540822e9a2094a4c640a23522f6596b88
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f
dcef7cfad3363ef36a16fd99bef94a00b40e7335bd8646b706856ce61172c60a
de4d3a5ffa4d0f171771e3ca4db9e3a038910a2037520bf6edef524738bf5cf4
df0ac4d49013acdf8664cdc55284bfec2b682ff56860a0a45bce97c9d00bcd7f
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b826d6bfab5b6c580c7454d363107b3d5c4774680c1528bcc6cd0805be9e29
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ebffb5b1bb660eecca9eacabf7ce6224148d02b146ac0a77dddfa09a64ce807a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec4bf3e64407fef38d1bf563a09254ac3e5893ac7e2e9882b4d39ee81420f46e
ec587886fb7850e267d7d17b2c4611caa8b798b95fbacf7a3a6b77f42c848c65
ed6fd8d6502bf0dd88361884fcbdde01bea48eccb8d385078980bebf9a46c522
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f115b3cea541e8397ba745d8dd224bbbe30a50e9e318f81f34cdee2aaedca18c
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
fa966c6fef4a60d4b82026ae6a56b60dcda31062b61d89c06ee529ebc4081557
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fbe31db088d24e3bd753462210ebff9767cfcb19c9a2e5454b514291142bc680
fc2ce7f1079431f6f9178fd0a22eb376265c6aee52f88f05e5e3c9e98757266b
fc59dfe8d20bc7bf5cc4b2ebb433aaa2587241f2063c77e6a148d2b717d19bbe
fc9fd290efae96d0a0b5fdf757b3cd6a746e13624527a7fc742ad14451124ff2
fce0c659d4131d823933f1ab4eb84806ea70b12514c87912d14b0e660048fe57
fda78dd6d350cd0f3175f0b9f88accd05c1a821199d84b63d9680553d501bc1f
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76