urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-c...
Submission: On November 23 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 118 IPs in 10 countries across 109 domains to perform 579 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 93470.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 74.125.200.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
14 172.67.72.16 13335 (CLOUDFLAR...)
60 142.251.10.155 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
2 142.250.4.97 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
3 172.217.194.113 15169 (GOOGLE)
2 14 74.125.130.155 15169 (GOOGLE)
2 4 103.229.10.192 16509 (AMAZON-02)
2 74.125.130.156 15169 (GOOGLE)
5 142.251.12.154 15169 (GOOGLE)
2 13.35.8.26 16509 (AMAZON-02)
15 142.251.10.156 15169 (GOOGLE)
1 104.16.88.20 13335 (CLOUDFLAR...)
2 104.18.33.19 13335 (CLOUDFLAR...)
1 52.41.101.164 16509 (AMAZON-02)
3 18.176.226.248 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
10 14 68.67.179.153 29990 (ASN-APPNEX)
1 35.213.117.18 15169 (GOOGLE)
3 4 145.40.89.200 54825 (PACKET)
1 182.161.73.145 55569 (CRITEO-AS...)
6 40 51.79.234.100 16276 (OVH)
12 52.212.146.227 16509 (AMAZON-02)
1 18.139.6.26 16509 (AMAZON-02)
1 7 34.98.64.218 396982 (GOOGLE-CL...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 23.195.153.54 16625 (AKAMAI-AS)
1 13.33.33.43 16509 (AMAZON-02)
2 52.183.162.69 8075 (MICROSOFT...)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
31 142.251.10.132 15169 (GOOGLE)
9 74.125.24.105 15169 (GOOGLE)
6 74.125.24.157 15169 (GOOGLE)
14 14 103.229.205.243 30419 (MEDIAMATH...)
24 58 172.217.194.156 15169 (GOOGLE)
3 3 13.33.88.20 16509 (AMAZON-02)
1 1 18.177.11.95 16509 (AMAZON-02)
1 1 18.180.91.211 16509 (AMAZON-02)
6 6 50.31.142.31 23352 (SERVERCEN...)
4 8 172.64.154.237 13335 (CLOUDFLAR...)
17 18 74.118.186.45 26120 (RHYTHMONE)
10 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.25.14 13335 (CLOUDFLAR...)
3 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
1 209.58.165.139 59253 (LEASEWEB-...)
1 209.58.163.32 59253 (LEASEWEB-...)
1 2 103.3.63.48 63949 (LINODE-AP...)
1 1 139.162.23.100 63949 (LINODE-AP...)
2 23.59.80.114 20940 (AKAMAI-ASN1)
7 23.72.45.156 16625 (AKAMAI-AS)
1 14 139.5.84.243 27381 (CASALE-MEDIA)
4 52.63.31.162 16509 (AMAZON-02)
3 8 35.244.159.8 15169 (GOOGLE)
1 2 23.53.160.138 16625 (AKAMAI-AS)
14 16 35.213.12.39 15169 (GOOGLE)
6 9 52.74.36.190 16509 (AMAZON-02)
6 6 54.243.58.43 14618 (AMAZON-AES)
5 8 213.180.204.90 13238 (YANDEX)
2 142.250.4.149 15169 (GOOGLE)
23 52.95.134.19 16509 (AMAZON-02)
3 34.149.43.113 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
14 15 15.197.193.217 16509 (AMAZON-02)
4 12 35.71.178.8 16509 (AMAZON-02)
1 52.84.45.26 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
4 14 23.15.148.136 16625 (AKAMAI-AS)
1 104.18.36.94 13335 (CLOUDFLAR...)
14 23.195.152.23 16625 (AKAMAI-AS)
3 3 50.116.239.135 6336 (TURN-US-ASN)
2 2 202.241.208.57 4694 (IDCF IDC ...)
1 3 69.173.144.139 ()
8 14 69.173.158.64 ()
1 3 23.106.127.164 ()
2 4 35.190.60.146 15169 (GOOGLE)
4 10 52.46.155.104 ()
15 20 67.199.150.82 ()
5 7 52.74.162.2 ()
1 18.155.68.41 ()
4 42.99.140.185 ()
1 52.220.200.169 ()
3 3 68.67.161.208 ()
4 4 13.114.67.130 ()
1 172.64.151.162 ()
2 2 198.8.71.130 ()
4 23.72.44.196 ()
2 23.36.252.26 ()
5 5 18.141.93.231 ()
2 2 182.161.73.146 ()
2 2 23.75.214.29 ()
2 2 3.126.154.37 ()
2 54.86.208.230 ()
2 3 13.107.42.14 ()
1 2 104.18.101.194 ()
4 4 35.213.93.179 ()
1 204.79.197.200 ()
1 52.199.30.24 ()
1 2 23.106.127.38 ()
1 13.33.88.118 ()
2 2 209.191.163.209 ()
3 4 63.251.14.14 ()
1 1 52.55.206.218 ()
2 3 52.95.126.138 ()
5 5 151.101.194.49 ()
16 18 103.231.98.194 ()
1 67.199.150.81 ()
1 17 13.112.54.241 ()
2 2 74.214.196.131 ()
3 3 38.133.127.95 ()
3 132.226.63.138 ()
2 38.91.45.7 ()
2 2 18.136.131.197 ()
2 2 185.184.8.90 ()
1 1 162.254.186.187 ()
3 23.106.127.52 ()
2 2 54.254.84.61 ()
10 3.215.164.221 ()
1 1 13.251.2.7 ()
1 37.157.4.25 ()
1 1 52.26.113.93 ()
1 2 64.120.110.139 ()
2 2 8.43.72.97 ()
4 5 185.84.60.21 ()
1 1 18.138.18.111 ()
1 1 139.162.38.30 ()
1 202.131.200.84 ()
1 18.176.115.166 ()
1 2 35.186.193.173 ()
1 3.1.14.27 ()
1 35.214.223.115 ()
1 195.5.165.20 ()
1 2 104.18.25.173 ()
3 67.199.150.85 ()
1 1 35.230.38.116 ()
1 1 35.186.253.211 ()
2 64.120.110.138 ()
1 52.203.53.149 ()
2 198.206.157.242 ()
579 118
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
cdn.ampproject.org
1b1817e6c3b94efadd24cffb68e40941.safeframe.googlesyndication.com
91fa9f7cf749f4efa07098eb7fc6fedd.safeframe.googlesyndication.com
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
14    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
60    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adservice.google.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
d-26381953272988190151.ampproject.net
3    172.217.194.113 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f113.1e100.net
www.google-analytics.com
14    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
4    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
partner.googleadservices.com
5    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
adservice.google.co.nz
2    13.35.8.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-26.sin5.r.cloudfront.net
adx.holmesmind.com
15    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    52.41.101.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-101-164.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
3    18.176.226.248 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-226-248.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
14    68.67.179.153 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
4    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
40    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
12    52.212.146.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    18.139.6.26 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-6-26.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
2    52.183.162.69 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
31    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
tpc.googlesyndication.com
9    74.125.24.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net
www.google.com
6    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
www.googletagservices.com
googleads4.g.doubleclick.net
14    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
58    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
cm.g.doubleclick.net
3    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p1.ladsp.com
cr-p3.ladsp.com
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    18.180.91.211 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-91-211.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
6    50.31.142.31 (Elmhurst, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
8    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
18    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
10    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    209.58.165.139 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
theta273.rtb.appier.net
1    209.58.163.32 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
vst.c.appier.net
2    103.3.63.48 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li819-48.members.linode.com
a.c.appier.net
1    139.162.23.100 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li865-100.members.linode.com
s.c.appier.net
2    23.59.80.114 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-80-114.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
7    23.72.45.156 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-156.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
14    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    52.63.31.162 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-31-162.ap-southeast-2.compute.amazonaws.com
www.adtrek.co
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
u.openx.net
2    23.53.160.138 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-160-138.deploy.static.akamaitechnologies.com
sync.teads.tv
16    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
9    52.74.36.190 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    54.243.58.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-58-43.compute-1.amazonaws.com
sync.srv.stackadapt.com
8    213.180.204.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
2    142.250.4.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f149.1e100.net
s0.2mdn.net
23    52.95.134.19 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
3    34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ae1.doubleverify.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
15    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
12    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    52.84.45.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-26.mrs52.r.cloudfront.net
public.servenobid.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
14    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
14    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
3    69.173.144.139 (None, )

ASN- ()
pixel-eu.rubiconproject.com
14    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
token.rubiconproject.com
3    23.106.127.164 (None, )

ASN- ()
ssbsync-global.smartadserver.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
10    52.46.155.104 (None, )

ASN- ()
s.amazon-adsystem.com
20    67.199.150.82 (None, )

ASN- ()
image8.pubmatic.com
7    52.74.162.2 (None, )

ASN- ()
ups.analytics.yahoo.com
1    18.155.68.41 (None, )

ASN- ()
cdn.besafe.global
4    42.99.140.185 (None, )

ASN- ()
ad.appier.net
1    52.220.200.169 (None, )

ASN- ()
geo.moatads.com
3    68.67.161.208 (None, )

ASN- ()
secure.adnxs.com
4    13.114.67.130 (None, )

ASN- ()
match.prod.bidr.io
1    172.64.151.162 (None, )

ASN- ()
cdn.indexww.com
2    198.8.71.130 (None, )

ASN- ()
p.rfihub.com
4    23.72.44.196 (None, )

ASN- ()
ads.pubmatic.com
2    23.36.252.26 (None, )

ASN- ()
cs.media.net
5    18.141.93.231 (None, )

ASN- ()
pm.w55c.net
2    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
2    23.75.214.29 (None, )

ASN- ()
stags.bluekai.com
2    3.126.154.37 (None, )

ASN- ()
rtb.mfadsrvr.com
2    54.86.208.230 (None, )

ASN- ()
cs.emxdgt.com
3    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
2    104.18.101.194 (None, )

ASN- ()
p.adsymptotic.com
4    35.213.93.179 (None, )

ASN- ()
a.sportradarserving.com
1    204.79.197.200 (None, )

ASN- ()
c.bing.com
1    52.199.30.24 (None, )

ASN- ()
g2.gumgum.com
2    23.106.127.38 (None, )

ASN- ()
ssbsync.smartadserver.com
1    13.33.88.118 (None, )

ASN- ()
cs-rtb.minutemedia-prebid.com
2    209.191.163.209 (None, )

ASN- ()
ce.lijit.com
4    63.251.14.14 (None, )

ASN- ()
ap.lijit.com
1    52.55.206.218 (None, )

ASN- ()
ssp.disqus.com
3    52.95.126.138 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
5    151.101.194.49 (None, )

ASN- ()
sync-tm.everesttech.net
18    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
1    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
17    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
2    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
3    38.133.127.95 (None, )

ASN- ()
sync.outbrain.com
3    132.226.63.138 (None, )

ASN- ()
sync.technoratimedia.com
2    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    18.136.131.197 (None, )

ASN- ()
ad.360yield.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    162.254.186.187 (None, )

ASN- ()
demand.trafficroots.com
3    23.106.127.52 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    54.254.84.61 (None, )

ASN- ()
sync.tidaltv.com
10    3.215.164.221 (None, )

ASN- ()
cs.minutemedia-prebid.com
1    13.251.2.7 (None, )

ASN- ()
ads.yieldmo.com
1    37.157.4.25 (None, )

ASN- ()
cm.adform.net
1    52.26.113.93 (None, )

ASN- ()
visitor.omnitagjs.com
2    64.120.110.139 (None, )

ASN- ()
ads.us.e-planning.net
2    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
5    185.84.60.21 (None, )

ASN- ()
c1.adform.net
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    139.162.38.30 (None, )

ASN- ()
gocm.c.appier.net
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    18.176.115.166 (None, )

ASN- ()
dps.jp.cinarra.com
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
1    35.214.223.115 (None, )

ASN- ()
csync.loopme.me
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    104.18.25.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
3    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
1    35.230.38.116 (None, )

ASN- ()
um.simpli.fi
1    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
2    64.120.110.138 (None, )

ASN- ()
u-sin01.e-planning.net
1    52.203.53.149 (None, )

ASN- ()
a.audrte.com
2    198.206.157.242 (None, )

ASN- ()
s.e-planning.net
Apex Domain
Subdomains		 Transfer
93 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
1b1817e6c3b94efadd24cffb68e40941.safeframe.googlesyndication.com
91fa9f7cf749f4efa07098eb7fc6fedd.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
1 MB
83 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 191
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 207
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
561 KB
46 pubmatic.com
image8.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
45 KB
40 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 747
16 KB
37 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 954
fastlane.rubiconproject.com — Cisco Umbrella Rank: 495
eus.rubiconproject.com — Cisco Umbrella Rank: 567
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
68 KB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 450
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540
dsum.casalemedia.com
19 KB
23 amazonaws.com
s3-ap-southeast-2.amazonaws.com
608 KB
18 gumgum.com
g2.gumgum.com
usersync.gumgum.com
6 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 208
acdn.adnxs.com — Cisco Umbrella Rank: 589
secure.adnxs.com
33 KB
17 media.net
prebid.media.net — Cisco Umbrella Rank: 1272
contextual.media.net — Cisco Umbrella Rank: 537
cs.media.net
20 KB
17 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 952
x.bidswitch.net — Cisco Umbrella Rank: 293
8 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
5 KB
16 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 435
ups.analytics.yahoo.com
7 KB
16 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 14979
us-u.openx.net — Cisco Umbrella Rank: 422
u.openx.net — Cisco Umbrella Rank: 666
jp-u.openx.net — Cisco Umbrella Rank: 8659
rtb.openx.net
3 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 307
8 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 601
pix.as.criteo.net — Cisco Umbrella Rank: 13934
csm.as.criteo.net — Cisco Umbrella Rank: 13278
137 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15676
e3.adpushup.com — Cisco Umbrella Rank: 17199
campaign.adpushup.com — Cisco Umbrella Rank: 33068
aplogger.adpushup.com — Cisco Umbrella Rank: 16764
235 KB
15 bg3.co
www.bg3.co — Cisco Umbrella Rank: 93470
static.bg3.co
16 KB
14 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 471
8 KB
13 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
8 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 559
eb2.3lift.com — Cisco Umbrella Rank: 344
13 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1693
public.servenobid.com — Cisco Umbrella Rank: 3317
8 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 522
8 KB
11 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
cs.minutemedia-prebid.com
8 KB
10 appier.net
theta273.rtb.appier.net
vst.c.appier.net — Cisco Umbrella Rank: 10917
a.c.appier.net — Cisco Umbrella Rank: 19766
s.c.appier.net — Cisco Umbrella Rank: 5268
ad.appier.net
gocm.c.appier.net
7 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 371
218 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 708
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 16436
ads.as.criteo.com — Cisco Umbrella Rank: 13013
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 13668
gum.criteo.com — Cisco Umbrella Rank: 381
dis.criteo.com
47 KB
8 smartadserver.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3 KB
8 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3506
2 KB
8 moatads.com
z.moatads.com — Cisco Umbrella Rank: 407
geo.moatads.com
px.moatads.com
111 KB
7 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 141343
2 KB
6 e-planning.net
ads.us.e-planning.net
u-sin01.e-planning.net
s.e-planning.net
i.e-planning.net Failed
2 KB
6 adform.net
cm.adform.net
c1.adform.net
3 KB
6 lijit.com
ce.lijit.com
ap.lijit.com
3 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 696
3 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 995
3 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 556
4 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 26917
sync.aralego.com — Cisco Umbrella Rank: 2855
4 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 w55c.net
pm.w55c.net
4 KB
5 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 443
rtb0.doubleverify.com — Cisco Umbrella Rank: 655
rtbc-ae1.doubleverify.com — Cisco Umbrella Rank: 19128
26 KB
4 sportradarserving.com
a.sportradarserving.com
1 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 566
571 B
4 adtrek.co
www.adtrek.co
199 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 178
190 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 879
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1002
pixel.quantserve.com — Cisco Umbrella Rank: 680
cms.quantserve.com
11 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8828
46 KB
3 technoratimedia.com
sync.technoratimedia.com
888 B
3 outbrain.com
sync.outbrain.com
1 KB
3 linkedin.com
px.ads.linkedin.com
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 753
1 KB
3 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 95148
cr-p3.ladsp.com — Cisco Umbrella Rank: 23457
2 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1352
sync.teads.tv — Cisco Umbrella Rank: 1242
909 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 40
510 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 ctnsnet.com
ipac.ctnsnet.com
675 B
2 tidaltv.com
sync.tidaltv.com
676 B
2 creativecdn.com
creativecdn.com
701 B
2 360yield.com
ad.360yield.com
625 B
2 deepintent.com
match.deepintent.com
60 B
2 contextweb.com
bh.contextweb.com
1 KB
2 adsymptotic.com
p.adsymptotic.com
478 B
2 emxdgt.com
cs.emxdgt.com
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 bluekai.com
stags.bluekai.com
2 KB
2 rfihub.com
p.rfihub.com
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 898
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 628
cdn.indexww.com
2 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 274
121 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3640
visitor.omnitagjs.com
911 B
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 431487
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
1008 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 67
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 17728
10 KB
1 audrte.com
a.audrte.com
2 KB
1 simpli.fi
um.simpli.fi
662 B
1 iprom.net
core.iprom.net
277 B
1 loopme.me
csync.loopme.me
1 adgrx.com
cm.adgrx.com
230 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 ambientdsp.com
cm.ambientdsp.com
652 B
1 yieldmo.com
ads.yieldmo.com
396 B
1 trafficroots.com
demand.trafficroots.com
633 B
1 disqus.com
ssp.disqus.com
472 B
1 bing.com
c.bing.com
668 B
1 besafe.global
cdn.besafe.global
13 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
5 KB
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 95121
307 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 99752
683 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 940
633 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 400
2 KB
1 ampproject.net
d-26381953272988190151.ampproject.net
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 linksynergy.com Failed
tags.rd.linksynergy.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
0 33across.com Failed
ssc-cms.33across.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 bfmio.com Failed
sync.bfmio.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 inmobi.com Failed
sync.inmobi.com Failed
0 agkn.com Failed
aa.agkn.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
579 109
Domain Requested by
58 cm.g.doubleclick.net 24 redirects googleads.g.doubleclick.net
www.bg3.co
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
56 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
adx.holmesmind.com
www.bg3.co
tpc.googlesyndication.com
www.googletagservices.com
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
40 onetag-sys.com 6 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
31 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
23 s3-ap-southeast-2.amazonaws.com www.adtrek.co
s3-ap-southeast-2.amazonaws.com
www.bg3.co
20 image8.pubmatic.com 15 redirects onetag-sys.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
17 usersync.gumgum.com 1 redirects g2.gumgum.com
eus.rubiconproject.com
16 x.bidswitch.net 14 redirects onetag-sys.com
15 match.adsrvr.org 14 redirects cdn.adpushup.com
14 contextual.media.net cdn.adpushup.com
contextual.media.net
public.servenobid.com
eus.rubiconproject.com
ads.pubmatic.com
14 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 sync.mathtag.com 14 redirects
14 ib.adnxs.com 10 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
14 static.bg3.co www.bg3.co
12 simage2.pubmatic.com 10 redirects ads.pubmatic.com
12 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
public.servenobid.com
12 sync.1rx.io 12 redirects
12 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
ssbsync.smartadserver.com
cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
12 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
www.bg3.co
11 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
10 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
onetag-sys.com
eus.rubiconproject.com
ads.us.e-planning.net
10 s.amazon-adsystem.com 4 redirects onetag-sys.com
ssum-sec.casalemedia.com
eb2.3lift.com
www.bg3.co
10 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
10 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
10 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 pr-bh.ybp.yahoo.com 6 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
9 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
8 an.yandex.ru 5 redirects www.bg3.co
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
8 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 ups.analytics.yahoo.com 5 redirects onetag-sys.com
7 us-u.openx.net 3 redirects googleads.g.doubleclick.net
u.openx.net
7 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
7 adservice.google.co.nz pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 e3.adpushup.com www.bg3.co
6 image2.pubmatic.com 6 redirects
6 px.moatads.com 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
www.bg3.co
6 sync.srv.stackadapt.com 6 redirects
6 sync.targeting.unrulymedia.com 5 redirects ads.pubmatic.com
6 b1sync.zemanta.com 6 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 sync-tm.everesttech.net 5 redirects
5 pm.w55c.net 5 redirects
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 token.rubiconproject.com 4 redirects
4 ap.lijit.com 3 redirects public.servenobid.com
4 a.sportradarserving.com 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 secure-assets.rubiconproject.com 4 redirects
4 match.prod.bidr.io 4 redirects
4 ad.appier.net 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
4 id.rlcdn.com 2 redirects onetag-sys.com
4 www.adtrek.co 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
www.adtrek.co
s3-ap-southeast-2.amazonaws.com
4 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
4 adpushup-d.openx.net cdn.adpushup.com
4 prebid.a-mo.net 3 redirects cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 sync.technoratimedia.com g2.gumgum.com
cs-rtb.minutemedia-prebid.com
3 sync.outbrain.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 secure.adnxs.com 3 redirects
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 ad.turn.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 pix.as.criteo.net ads.as.criteo.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 s.e-planning.net ads.us.e-planning.net
2 u-sin01.e-planning.net ads.us.e-planning.net
2 image4.pubmatic.com ads.pubmatic.com
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 ads.us.e-planning.net 1 redirects cs-rtb.minutemedia-prebid.com
2 sync.tidaltv.com 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com g2.gumgum.com
ads.pubmatic.com
2 bh.contextweb.com 2 redirects
2 cms.quantserve.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
cs-rtb.minutemedia-prebid.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 stags.bluekai.com 2 redirects
2 dis.criteo.com 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 rtbc-ae1.doubleverify.com cdn.doubleverify.com
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 u.openx.net 1 redirects cdn.adpushup.com
2 s0.2mdn.net 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
www.adtrek.co
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 cdn.doubleverify.com 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
cdn.doubleverify.com
2 a.c.appier.net 1 redirects 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
2 csm.as.criteo.net ads.as.criteo.com
2 cr-p1.ladsp.com 2 redirects
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 a.audrte.com ads.us.e-planning.net
1 rtb.openx.net 1 redirects
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 cm.adform.net cs-rtb.minutemedia-prebid.com
1 ads.yieldmo.com 1 redirects
1 demand.trafficroots.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 ssp.disqus.com 1 redirects cs-rtb.minutemedia-prebid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 geo.moatads.com z.moatads.com
1 cdn.besafe.global 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
1 cr-p3.ladsp.com 1 redirects
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 z.moatads.com 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
1 s.c.appier.net 1 redirects
1 vst.c.appier.net www.bg3.co
1 theta273.rtb.appier.net www.bg3.co
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 pixel.quantserve.com www.bg3.co
1 dynalyst-sync.adtdp.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 ads.as.criteo.com googleads.g.doubleclick.net
1 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 a.teads.tv cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 91fa9f7cf749f4efa07098eb7fc6fedd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 1b1817e6c3b94efadd24cffb68e40941.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 d-26381953272988190151.ampproject.net cdn.ampproject.org
1 campaign.adpushup.com www.bg3.co
1 www.bg3.co
0 i.e-planning.net Failed ads.us.e-planning.net
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 pool.admedo.com Failed ads.pubmatic.com
0 tags.rd.linksynergy.com Failed ads.pubmatic.com
0 ads.betweendigital.com Failed cs-rtb.minutemedia-prebid.com
0 cs.krushmedia.com Failed cs-rtb.minutemedia-prebid.com
0 ssc-cms.33across.com Failed cs-rtb.minutemedia-prebid.com
0 cs.iqzone.com Failed cs-rtb.minutemedia-prebid.com
0 sync.bfmio.com Failed cs-rtb.minutemedia-prebid.com
0 id5-sync.com Failed ssbsync.smartadserver.com
0 cs.admanmedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.inmobi.com Failed g2.gumgum.com
0 aa.agkn.com Failed g2.gumgum.com
0 sync.go.sonobi.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
579 183

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.rtb.appier.net
AlphaSSL CA - SHA256 - G2		 2022-11-01 -
2023-12-03		 a year crt.sh
*.c.appier.net
R3		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
www.adtrek.co
Amazon		 2022-10-22 -
2023-11-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
cdn.besafe.global
Amazon		 2022-05-26 -
2023-06-24		 a year crt.sh
*.appier.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
ads.us.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
cs.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh

This page contains 98 frames:

Primary Page: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Frame ID: 77B99A6C2A6C050E8E4599BB3F63B7FE
Requests: 93 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B40044DD8421CF24EDA6D3127FD009FC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 80B3A8F8C5C4F2695BCE2E27132F218F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 378D4BB74E842E89C3C7C05BF5DFEC07
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: B9059A5DCC9BAC86EEE7BC4C6E36962E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13191368671281267234&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2940&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=1499&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&ga_hid=1499&dt=1669219659851&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&bdt=3494&dtd=688&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 2F5212E4DC863FD9CE537A3F441F45B6
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: A2D1A10C16947D9E1672B44A8F8082BF
Requests: 8 HTTP requests in this frame

Frame: https://1b1817e6c3b94efadd24cffb68e40941.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 411BB4B7C7675028A4734E1C32CBF20A
Requests: 1 HTTP requests in this frame

Frame: https://91fa9f7cf749f4efa07098eb7fc6fedd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 895DDEA41C6867745AB5FB0397C0C242
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Frame ID: 5469B9D8AC849014AEC942993C9B9B92
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: DDF9000ADB61BB1C49A278EDBFEFAA49
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 965D294B9F85921994F92A12FB7E35AC
Requests: 9 HTTP requests in this frame

Frame: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1CBC662DF37A78742C8F8DC01C48C7F7
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: F6AF74B5A2B285DCE10D4BF4D2F977D8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE84D3346174EBE0AC4BA426C8BAB0EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 579AA65C9074362E68B35AB160204508
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58F9E1F26B928219A9AEC6BEA7CA0963
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11C0B61D3F8DD8DF5BB2ED9A439C06CD
Requests: 2 HTTP requests in this frame

Frame: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A8F3C8E437B966FE1E6A83211C5DD00A
Requests: 10 HTTP requests in this frame

Frame: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F49052C43CEAA7E7813F853CD1D70BF8
Requests: 30 HTTP requests in this frame

Frame: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5577AAF20C69319D6581A749DC50354
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENn9hYADGL2BgsgBMAE&v=APEucNUsqa6CK5SEy0j1TtXcKkd0vatj3oQpaj0shFpU0M6sS18EqdOiEK3NjJ3UcOFw3DtGvj_pX_uEumICukwolbzX4x7hTQ
Frame ID: 663E91AEC20C86CF4357EF8F6A810A8E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGInHgtoBMAE&v=APEucNWsQ8EbG-kisnQ_Cl27xoRRgdVBKebMKc7IyMYzqKY463aYhe_PvnuKzOeEpdrh4TVQGs-MaW3IeWi4hTtXjU82DgBQQw
Frame ID: 802C02E314EAD8B77BC7A314C4F1A117
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 979D4E9A268C3F4FF902326EA9224D59
Requests: 1 HTTP requests in this frame

Frame: https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
Frame ID: EAA940E193999CB09C963E2E54A08B48
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38608725ABDBF2E65F973FFE4F9BBED6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219664423&bpp=4&bdt=547&idt=511&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=352142277560&frm=8&ife=1&pv=2&ga_vid=2074365493.1669219665&ga_sid=1669219665&ga_hid=1071668765&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C44779077&oid=2&pvsid=2806712281034857&tmod=1676131394&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.2rwxx68zp7h5&fsb=1&dtd=528
Frame ID: AA5DE352F57EDC42F9A39617471445E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219664427&bpp=2&bdt=550&idt=537&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=352142277560&frm=8&ife=1&pv=1&ga_vid=2074365493.1669219665&ga_sid=1669219665&ga_hid=1071668765&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C44779077&oid=2&pvsid=2806712281034857&tmod=1676131394&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.jd1vnc4iiai6&fsb=1&dtd=543
Frame ID: F7B830909244043B0CFC48ADAEC6679E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A96CC6E52C862E4EE86491A42E51097
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64D9168DBEF68A4781CCA357DA1B07D7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5F6B0256DC785C6433FBE70512A1B78
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E0E621055898ADE5EA2FA78FAA28EE7
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F9C77C6203FA9012B04242F8CF0D8B3
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: D8A4BBEB1252907F0A9E3B72C4C77C17
Requests: 11 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 617D42E0E9B1B8053E3271A92DF67875
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FB2FA006975430A26FD31AEC29335665
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669219662246
Frame ID: A724E0193E0818B7DC9B081F87E584F7
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C353417F82BA12847DCED5DDED03440A
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 87AA705F9ED8D77F66F69CA8F7606707
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E11A0DC753A1CA1B3059559991932997
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 12BF9E2BE068164ED701F0D7A3B159CA
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ACBF5BC7958B1A123803F0428E298CF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A138CEBE34257F9F418BDC99C0C10868
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E8301E049266F963986D67CE9DFE85F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5DC8E6FDFCC129DF5259839AA84EFB7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 225BAACDBDB2B86ED423E37C2F9301A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 515A7A55C566771B4D7189F9039A3E9F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E1812B43A252E219CA6375368040F609
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 33A62333E0F273E98E74D84B6FAC5B27
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 28EDF6DBC72F96F6393FB952328AF352
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=rkt&refUrl=&vid=92196667583122212667444262000V10&ovsid=1917759394829190040
Frame ID: 02B488E939D6EB0755C42FA5FF46E116
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Frame ID: 6EB94081398C455F2D8687A9A705942A
Requests: 17 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 294ED5C1FAD97D10817ACC5742A0075C
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 06C8D02232D635F3EA988E0072DEA1D9
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: C79525B2CC0E401D41E983B13A562990
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: B37D957ACA95DA05F4F02F7A82338F26
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 22FB6E404462C6FBDF41E0068717D290
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 496AEE8773BD6E5D70EFD5B4FD4DCCB0
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: FFD72B8D37F48E7AA0CF8C28E0E06E5C
Requests: 28 HTTP requests in this frame

Frame: https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: EF3FA9BA4B8A2A5635729F800A54492C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 6E84ABC255FD688DFAF6B4DD1CCC0E6C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=afa73f1e-2282-4722-ab92-69e030e1dce8
Frame ID: 6C2C277D6BCB7B82C29B141B374EC181
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Frame ID: 96161C364D79D1F3B710711EA255EEE5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y35FVAAJ2yMnWQAW&gdpr=0&gdpr_consent=&_test=Y35FVAAJ2yMnWQAW
Frame ID: CE3D8FB423358689F43D59BF97C44687
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV80YWU0ZmFmMC1iYTVkLTRhYjUtYTc0NC0wOTFlMTEzZTMxYTY=&gdpr=0&gdpr_consent=
Frame ID: 41317551C3B719A94DF8AECC830BF908
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 1BB0C025D213C667D59DFEE8E6F72BF6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y35FU8Co5s0AAAaLTHUAAAAA
Frame ID: 1EFE61DBD834625813F4F7DA18E3CB21
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: 27F0D553DED9B241A26E9B3FDF49A2C6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y35FTk47-C13IzGVNooSSQAA%264784
Frame ID: E14D07BD279851A91ACB51DEC3B88877
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=6PDj5x33kMd88fqpqjN7&pi=gumgum&tc=1
Frame ID: 1042D819DC03559A0292A21B113B81D2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: F8A9596A4D60FADFF11F9F3C5E9DA3ED
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 4A07DB55CA4246B55F0C2A0E3C6D1B9F
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Frame ID: C30142C627FBB4D1B1E8FBF36445C5CA
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: C7B33C0333304137938861190D8E71EC
Requests: 15 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&gdpr=0&gdpr_consent=
Frame ID: F7461F0781FBDB8FE3EC4D5A09403023
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: AC2E280375224F1B95872E8B75EF8B74
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: 0622E034B43D2163C27244BF76FE3F75
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: A0B248BFB520BDF9A57EC13D1CF221B3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: 6C430F6481171B13C49F508FFE03CFE5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: 4733737BA0620EBEB8686EC000CD50CA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: CB602CD98C16E95DA56A951C178E68EB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: 424836DA24D4C150E86FC50A300C1ADD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: CEB750218F634B3C83366DCABEEB6121
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 60C99149482BDDFA8471E95DB675B2F8
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: 12ECFFE2D421EBFBC1D6E875E27F5083
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: EB4D3B13BF73A8E1F546BA5442E7D73F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: C5CA9AC6FB9F2C8993B307B9C2DDFF2E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: FE08AAE03D8E36CFD9D0CCB843E674BD
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Frame ID: 4E6D53807891A76C475689A00D73D310
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B75B1BA1EBC2111A57B4196213989076
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 8283ED9F936290F28A75CD4AD5255A23
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0C23EF65753EFFCB7C3B78386C8E2994
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4C6E895D7271809E41F31752EA9659B6
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: B0A69A540D12D4A1A0A92F8E13F44F7C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=pba&refUrl=&vid=92196667583122212667444262000V10&ovsid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Frame ID: F5239FFE04AF9C1D5B05C412FE5089CC
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 7FBC1642E6179D76142DF0C9966D5503
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 8FA44DC34156D9BE113683A70C7464AF
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21506&id=APs7aB9Ucnayv3v9
Frame ID: AD674EE0123E8791402D2DED66551010
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

魔獸臺灣首戰精彩奪勝! 威廉「嗚呼」被球迷嫌爆:換人主持如何 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

579
Requests

69 %
HTTPS

0 %
IPv6

109
Domains

183
Subdomains

118
IPs

10
Countries

3967 kB
Transfer

9636 kB
Size

61
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 69
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219660&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219659904&bpp=13&bdt=1919&idt=815&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=2&ga_vid=138583064.1669219661&ga_sid=1669219661&ga_hid=99713517&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1644&biw=1600&bih=1200&isw=336&ish=280&ifk=3758756642&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705%2C31070924%2C44778768%2C31070949&oid=2&pvsid=3787270395849209&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.45diiqcc3y10&btvi=1&fsb=1&dtd=837 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 117
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC_SgTKR2z95cii21SIMQRk&google_cver=1&google_push=ASkJ3FZa2tRThWiZBF46OKTAbhWSATmBURQ2w_A-p0KpJFdUeVYCOZSgJV2DeSXxdCeTE60jbQGgGlokUidLSCaYHLVtMnT0ENnB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZa2tRThWiZBF46OKTAbhWSATmBURQ2w_A-p0KpJFdUeVYCOZSgJV2DeSXxdCeTE60jbQGgGlokUidLSCaYHLVtMnT0ENnB
Request Chain 118
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3FbVolndsSCjuDrLgEH09v-D-zKKAutrIJt0DCSHeWfFSehW5So2qve5ZwHdyqwwPgm4MlRMeFcjvno_5ZDkQdoautZ-LD-RDg&google_gid=CAESEJeRQoyuTh7OOhFj6ti4l_k&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=ASkJ3FbVolndsSCjuDrLgEH09v-D-zKKAutrIJt0DCSHeWfFSehW5So2qve5ZwHdyqwwPgm4MlRMeFcjvno_5ZDkQdoautZ-LD-RDg&google_gid=CAESEJeRQoyuTh7OOhFj6ti4l_k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FbVolndsSCjuDrLgEH09v-D-zKKAutrIJt0DCSHeWfFSehW5So2qve5ZwHdyqwwPgm4MlRMeFcjvno_5ZDkQdoautZ-LD-RDg&google_hm=AVHcRXH_XYsiks8ADxwUu-B-iMA
Request Chain 119
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEDwXDqWhA0EtSlZcl_vSu2k&google_cver=1&google_push=ASkJ3FbajhOHErdj4wtnmbIDMvZLRcURpBdGKLI-_M42eslxjbcbEkJQiDgQPWovelO6vAnUoTYMo77xw1lnSmNheei9Q0EyzPN0pg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ASkJ3FbajhOHErdj4wtnmbIDMvZLRcURpBdGKLI-_M42eslxjbcbEkJQiDgQPWovelO6vAnUoTYMo77xw1lnSmNheei9Q0EyzPN0pg&google_hm=NTFiRzdoMDA2QkRBWTAwOFRKeWw
Request Chain 120
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESECfIZ9m6cl5w28zPozG8RT4&google_cver=1&google_push=ASkJ3Fb-jNacQOEw0dA_6vs0waOjDG1LF75RLW3sxbl3mCVyKn3U2lV4bq1LE2qxDl55GzaRBT7yP1O-5j_9cLbawyi1JOuITQPJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3Fb-jNacQOEw0dA_6vs0waOjDG1LF75RLW3sxbl3mCVyKn3U2lV4bq1LE2qxDl55GzaRBT7yP1O-5j_9cLbawyi1JOuITQPJ
Request Chain 121
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFJs9d_M-L1prgLofwsAY7A&google_cver=1&google_push=ASkJ3FZapFu8GW-EiR1bbEfmEdFqNxgQG-pxvrSEfAqt5kNfF-K3tfa_sekFrWgQFLmy6uL0CxVlnSg9laFkyRLfdEEVL2bNdISP HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFJs9d_M-L1prgLofwsAY7A&google_push=ASkJ3FZapFu8GW-EiR1bbEfmEdFqNxgQG-pxvrSEfAqt5kNfF-K3tfa_sekFrWgQFLmy6uL0CxVlnSg9laFkyRLfdEEVL2bNdISP&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FZapFu8GW-EiR1bbEfmEdFqNxgQG-pxvrSEfAqt5kNfF-K3tfa_sekFrWgQFLmy6uL0CxVlnSg9laFkyRLfdEEVL2bNdISP&google_hm=enEyeHVqeTZ3dE44T3FwQUZxV3E=
Request Chain 122
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_cver=1&google_push=ASkJ3FY4mlUlj7qZdgVHLs8iLNlWJGKXI49Kg0DK52BWs6BZHAkNB7oMudZmggtA5aadAXFGxmWaBLoDPStmNswLrJKVLo230PrsWA HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_push=ASkJ3FY4mlUlj7qZdgVHLs8iLNlWJGKXI49Kg0DK52BWs6BZHAkNB7oMudZmggtA5aadAXFGxmWaBLoDPStmNswLrJKVLo230PrsWA&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_hm=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&google_nid=index&google_push=ASkJ3FY4mlUlj7qZdgVHLs8iLNlWJGKXI49Kg0DK52BWs6BZHAkNB7oMudZmggtA5aadAXFGxmWaBLoDPStmNswLrJKVLo230PrsWA
Request Chain 123
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEICQIXRbvC7Lw_n2TlVduWo&google_cver=1&google_push=ASkJ3FYE6KTp7wxzDjxVMMw4n0rtdL2tLSOvKeU2ivAoxjmVPos2weOSlQIjQyRqKylzsHuva8jhOubjtcI_AQNjqQ2K-NejO5Qe HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FYE6KTp7wxzDjxVMMw4n0rtdL2tLSOvKeU2ivAoxjmVPos2weOSlQIjQyRqKylzsHuva8jhOubjtcI_AQNjqQ2K-NejO5Qe&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1669219663038 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FYE6KTp7wxzDjxVMMw4n0rtdL2tLSOvKeU2ivAoxjmVPos2weOSlQIjQyRqKylzsHuva8jhOubjtcI_AQNjqQ2K-NejO5Qe%26google_hm%3DBCdx2Xgh40jlkcEYbu9SGno HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYE6KTp7wxzDjxVMMw4n0rtdL2tLSOvKeU2ivAoxjmVPos2weOSlQIjQyRqKylzsHuva8jhOubjtcI_AQNjqQ2K-NejO5Qe&google_hm=BCdx2Xgh40jlkcEYbu9SGno
Request Chain 153
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219662642&bpp=12&bdt=332&idt=491&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=352142277560&frm=8&ife=1&pv=2&ga_vid=1762398661.1669219663&ga_sid=1669219663&ga_hid=759098015&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070968%2C44770881&oid=2&pvsid=3376092955589538&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7gxnefpgtbh&fsb=1&dtd=506 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 180
  • https://a.c.appier.net/gcm?trigger_hosted_sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVEzWVpoZ1VDVFNhOTlMNlVFVi1Zdw%3D%3D&google_redir=https%3A%2F%2Fs.c.appier.net%2Fgcm2%3Ftrigger_hosted_sync%3D1 HTTP 302
  • https://s.c.appier.net/gcm2?trigger_hosted_sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier_pc&google_hm=TFpvZFNpVVREdnVxdWt3cVVFVi1Zdw%3D%3D HTTP 302
  • https://a.c.appier.net/gcm
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8ftYU0IS4K0krd2w0qQy0&google_cver=1
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y35FTk47-C13IzGVNooSSQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8ftYU0IS4K0krd2w0qQy0&google_cver=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHZBFOb6dMPkh3E25xyDgQI&google_cver=1
Request Chain 204
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzNDQ2NDkwMTA5NzQ3MzUwMg%3D%3D
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4uFbUUDFd7ZRXCN65vhX0&google_cver=1
Request Chain 210
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTM3YTUyMDItZTViNS0yZDFkLWM4YzItYmQzZjBiNTcwZTk2
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDzNdcS26kYQ27JQVgi6AlM&google_cver=1
Request Chain 212
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjY4MTM3MzMtMzM0MS00ZmRlLTlmNzgtOWU3MDA0YWEyN2Zk
Request Chain 218
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC_SgTKR2z95cii21SIMQRk&google_cver=1&google_push=ASkJ3FY0TqhUXhCrZY43Lj8RHRwp8nsV-Pb33H6u_9MwWOgNY6vpHWlzRiA8A068qJbtkf8S_ZllpzPOzviBrXIiGDwIv5L-S5Sj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FY0TqhUXhCrZY43Lj8RHRwp8nsV-Pb33H6u_9MwWOgNY6vpHWlzRiA8A068qJbtkf8S_ZllpzPOzviBrXIiGDwIv5L-S5Sj
Request Chain 219
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBEjZwhiZB0xwWi3wM1krfU&google_cver=1&google_push=ASkJ3Fb-bP4PWT0tF0qs4LX6DHKrxV3u8gFb_OEFJfLtSTEE6ZMwm0XhEHz3HHoE_uhuZmJqaMWzRUBu4Rq-9YtHyoQqHJdspIJgJQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBEjZwhiZB0xwWi3wM1krfU&google_cver=1&google_push=ASkJ3Fb-bP4PWT0tF0qs4LX6DHKrxV3u8gFb_OEFJfLtSTEE6ZMwm0XhEHz3HHoE_uhuZmJqaMWzRUBu4Rq-9YtHyoQqHJdspIJgJQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fb-bP4PWT0tF0qs4LX6DHKrxV3u8gFb_OEFJfLtSTEE6ZMwm0XhEHz3HHoE_uhuZmJqaMWzRUBu4Rq-9YtHyoQqHJdspIJgJQ&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Request Chain 220
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFAjVOzx3Rs9q0HUc35azPo&google_cver=1&google_push=ASkJ3FaIsb_eWuyd40RKyxXvgFCN7nDz16buQq00D9AQ2jniSy5zKaI_3mlT9_tz83HGZ3T6URqNCxUUuqBBh1qyPvWb89V_QuDv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaIsb_eWuyd40RKyxXvgFCN7nDz16buQq00D9AQ2jniSy5zKaI_3mlT9_tz83HGZ3T6URqNCxUUuqBBh1qyPvWb89V_QuDv&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
Request Chain 221
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJXsKg_tKCChVNlt0aSBfbU&google_cver=1&google_push=ASkJ3FaujkS_xqE_cprBUa6yOEdObhE6wr25-VpnV2BCDGDCulrmKfqqG0E92GZxPopa8ZLvatUaL6ickbEEpusfsVwnpqkSY6w-DQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=MVeffG7UQNdmFZzFtiK0b3RaSso&google_push=ASkJ3FaujkS_xqE_cprBUa6yOEdObhE6wr25-VpnV2BCDGDCulrmKfqqG0E92GZxPopa8ZLvatUaL6ickbEEpusfsVwnpqkSY6w-DQ
Request Chain 222
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?ext-param=ASkJ3FZW-7QYTlswRHASdlCEMPduxR6s0f8Zl0XzjCOEn1UwMYQvkLJC1joABkyQR1th5qRIWkX6Y3ZfWJkHiIGkis4z22NpGMtPjXY&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?redir-setuniq=1&ext-param=ASkJ3FZW-7QYTlswRHASdlCEMPduxR6s0f8Zl0XzjCOEn1UwMYQvkLJC1joABkyQR1th5qRIWkX6Y3ZfWJkHiIGkis4z22NpGMtPjXY&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBiOY_AHTQimo70c1KZRDWI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 254
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC_SgTKR2z95cii21SIMQRk&google_cver=1&google_push=ASkJ3FajjjL40yzIsAAVtXaVo8WofodyIikzh4j-uH5nwXt1gZyAilikhnrOwZlYTp0pI2NCjUBd1J-rrr8-u0YeYhCrk-XyHaPwqtYelaBmY2kFKVkiV6Z9s2lylBB8XjBxKL85vx8RI-M_sgzQWMyBZeg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FajjjL40yzIsAAVtXaVo8WofodyIikzh4j-uH5nwXt1gZyAilikhnrOwZlYTp0pI2NCjUBd1J-rrr8-u0YeYhCrk-XyHaPwqtYelaBmY2kFKVkiV6Z9s2lylBB8XjBxKL85vx8RI-M_sgzQWMyBZeg
Request Chain 255
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBEjZwhiZB0xwWi3wM1krfU&google_cver=1&google_push=ASkJ3FZBoB6dyX1kMrlDCsd_c0Vavh56FHFqhuHLBEPqn2L1dSh68NJ5vTR4vNBZHMsOmGrKL5S22-hTJnfrbPWG1Xw80cTa5WndXZfqFydLZwhVjzIZb5IWOTL0chD6uBX0JKFTc2dtvU8R3KyvUV4Hlzs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZBoB6dyX1kMrlDCsd_c0Vavh56FHFqhuHLBEPqn2L1dSh68NJ5vTR4vNBZHMsOmGrKL5S22-hTJnfrbPWG1Xw80cTa5WndXZfqFydLZwhVjzIZb5IWOTL0chD6uBX0JKFTc2dtvU8R3KyvUV4Hlzs&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Request Chain 256
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFAjVOzx3Rs9q0HUc35azPo&google_cver=1&google_push=ASkJ3FYZOQKuaTt-H1dJpE5qb3pyegNl9tyzN7HsBweJIV1aJ6pnfJFyTuXr_7kzpMAWFcnsBBdIWZNBho32l1eC3QXhVoQp17yUjMslfFzIBqnUZUWeLIZ8s_tGT1sm5nFVlSgLonRPdUizl5asAtItcA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYZOQKuaTt-H1dJpE5qb3pyegNl9tyzN7HsBweJIV1aJ6pnfJFyTuXr_7kzpMAWFcnsBBdIWZNBho32l1eC3QXhVoQp17yUjMslfFzIBqnUZUWeLIZ8s_tGT1sm5nFVlSgLonRPdUizl5asAtItcA&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
Request Chain 257
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJXsKg_tKCChVNlt0aSBfbU&google_cver=1&google_push=ASkJ3FaRlgZmEmkSuS_7XTcSsET7yi9izEqwBK2PIV5tm-LjHUX849VaLBfu47v1FYZSkctce3F2HD48yP8Ma3dRACDH-XnGtEjCzT-QZeq9OzYCg-w0pwa4bdphEbU5yV4BW3joKJcKgjGiRtrtCoJX1Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HUGpivJgRIZW38GiohQPJnRaSso&google_push=ASkJ3FaRlgZmEmkSuS_7XTcSsET7yi9izEqwBK2PIV5tm-LjHUX849VaLBfu47v1FYZSkctce3F2HD48yP8Ma3dRACDH-XnGtEjCzT-QZeq9OzYCg-w0pwa4bdphEbU5yV4BW3joKJcKgjGiRtrtCoJX1Q
Request Chain 258
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?ext-param=ASkJ3Fasscvnv6S_HRiEb15gLGCvZ9dHZIKa1qgHGpBq-VFD9Np0wd-gOm-1KzdOEtyZknp-X0hTJo-3jfbrBHwe2bjuqGcE8KyTmPZkhDtvcp5S2wr9-SJsJrzY6mt46OBUPz33k6_lz7SKFGMdqxuoqDo&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?redir-setuniq=1&ext-param=ASkJ3Fasscvnv6S_HRiEb15gLGCvZ9dHZIKa1qgHGpBq-VFD9Np0wd-gOm-1KzdOEtyZknp-X0hTJo-3jfbrBHwe2bjuqGcE8KyTmPZkhDtvcp5S2wr9-SJsJrzY6mt46OBUPz33k6_lz7SKFGMdqxuoqDo&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBiOY_AHTQimo70c1KZRDWI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 264
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 279
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4344786190095448269&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 280
  • https://match.adsrvr.org/track/cmf/openx?oxid=3f1581c8-2cc2-73b9-dd22-e786c1b5c0f6&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=3f1581c8-2cc2-73b9-dd22-e786c1b5c0f6&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=afa73f1e-2282-4722-ab92-69e030e1dce8&ttd_puid=3f1581c8-2cc2-73b9-dd22-e786c1b5c0f6&gdpr=0&gdpr_consent=
Request Chain 281
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y35FUsCo5s0AAAaLS8YAAAAA
Request Chain 282
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVcXmYFiME2Wks8ADxwUu-B-iM8AAAGEpT7JmQ
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4uFbUUDFd7ZRXCN65vhX0&google_cver=1
Request Chain 291
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=1&gdpr_consent=
Request Chain 293
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5234464901097473502
Request Chain 295
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-yiJTYDrAr9OM6-W0WlDTT_15x1n-lw
Request Chain 297
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCNKK-ZsGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 298
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
Request Chain 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_cver=1
Request Chain 320
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y35FTk47_C13IzGVNooSSQAAErAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&dcc=t
Request Chain 321
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=afa73f1e-2282-4722-ab92-69e030e1dce8&expiration=1671811666&gdpr=0&gdpr_consent=
Request Chain 322
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5234464901097473502
Request Chain 323
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANA807G_IsAACCZp7Kynw&expiration=1670429267
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=53b9637e-454e-4300-b051-7df97098549b
Request Chain 325
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4488901378171304141
Request Chain 326
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5234464901097473502
Request Chain 332
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 333
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Drkt%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=rkt&refUrl=&vid=92196667583122212667444262000V10&ovsid=1917759394829190040
Request Chain 335
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dapx%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=apx&refUrl=&vid=92196667583122212667444262000V10&ovsid=5234464901097473502
Request Chain 336
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dopx%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=opx&refUrl=&vid=92196667583122212667444262000V10&ovsid=f739e857-87c2-4959-be6d-99e8735a522a
Request Chain 337
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dmma%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=mma&refUrl=&vid=92196667583122212667444262000V10&ovsid=53b9637e-454e-4300-b051-7df97098549b
Request Chain 338
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dr1%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3087599622 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/afa73f1e-2282-4722-ab92-69e030e1dce8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dr1%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DRX-2771d978-21e3-48e5-91c1-186eef521a7a-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=r1&refUrl=&vid=92196667583122212667444262000V10&ovsid=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzEyMjIxMjY2NzQ0NDI2MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESECodWx0KbKRQKbVaUghmeJ8&google_cver=1
Request Chain 340
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Ddxu%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Ddxu%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=dxu&refUrl=&vid=92196667583122212667444262000V10&ovsid=6md3QIl91OXShR5
Request Chain 341
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=508a5e37-af14-41ff-aee2-7a2f48b9c088
Request Chain 342
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&google_hm=MWU2ZGNhMjYtOTBlMC00MmJjLTkxNTktZWNiODhjNjFmZDdm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECWSwszt8qoJ-fy7mp31Y28&google_cver=1&ssp=medianet&bsw_param=1e6dca26-90e0-42bc-9159-ecb88c61fd7f HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 343
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dzem%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=zq2xujy6wtN8OqpAFqWq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPL2OEZHQ5LKPE3HO5COHBHXC4CBIZYVO4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4TEMJZGY3DMNZVHAZTCMRSGIYTENRWG42DINBSGYZDAMBQKYYTAJTWONUWIPJTGEZDEMRRGI3DMNZUGQ2DENRSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPL2OEZHQ5LKPE3HO5COHBHXC4CBIZYVO4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4TEMJZGY3DMNZVHAZTCMRSGIYTENRWG42DINBSGYZDAMBQKYYTAJTWONUWIPJTGEZDEMRRGI3DMNZUGQ2DENRSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=zq2xujy6wtN8OqpAFqWq&refUrl=&type=zem&vid=92196667583122212667444262000V10&vsid=3122212667444262000V10
Request Chain 344
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3122212667444262000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3122212667444262000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=db591510-169a-4319-b91c-2cf6672336b4&cs=1
Request Chain 346
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=afa73f1e-2282-4722-ab92-69e030e1dce8
Request Chain 347
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=afa73f1e-2282-4722-ab92-69e030e1dce8&dongle=0cfd
Request Chain 348
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ0NTUzODA1Mzg1NDY1MzYzMTQ0 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEz139AZrIybdC_CRUt0ogk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 350
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ0NTUzODA1Mzg1NDY1MzYzMTQ0
Request Chain 351
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=344553805385465363144&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=344553805385465363144&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c734dfff-fe06-470d-a70f-6b82ee6a9188&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c734dfff-fe06-470d-a70f-6b82ee6a9188&_noobservation=1&_expected_cookie=e67d83244576bf7de11136e7dc0bbbde
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=344553805385465363144&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9747df56-993c-4d28-9abe-72fe131b0538&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 353
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/344553805385465363144?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-szL_z85E2oTaSvnPheN246dhV7WHLrRazF_rpgFcJA--~A&dongle=0883
Request Chain 354
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=344553805385465363144 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=344553805385465363144&dcc=t
Request Chain 356
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5234464901097473502&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 358
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC_SgTKR2z95cii21SIMQRk&google_cver=1&google_push=ASkJ3FZidL6H7y55XIX-0O85uxkOwDLsMZ880S0u_KylEn7Z2MOjaAarNnPH_aBAPsRRnWhtjqFULJ7ZEsr2yTfCzo8N6I3NGDRURGQseon3gOdFy-6_ix1-H3iywVsJwSN46dGAeVRFLsgWLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FZidL6H7y55XIX-0O85uxkOwDLsMZ880S0u_KylEn7Z2MOjaAarNnPH_aBAPsRRnWhtjqFULJ7ZEsr2yTfCzo8N6I3NGDRURGQseon3gOdFy-6_ix1-H3iywVsJwSN46dGAeVRFLsgWLw
Request Chain 359
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBEjZwhiZB0xwWi3wM1krfU&google_cver=1&google_push=ASkJ3FagapoMqB34kGAelG2TwzcBJ_dp2nQO_X7KlmNW4r0M5-RJKSam1CrTXIIgYnSSk_GBCQLTapSPBzXnKjdSoa4_4C1YDjQDmHXwEQdBzDG-td7G4ISfJ1AwQPx1Be76FHX6yAwYEkuL8g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FagapoMqB34kGAelG2TwzcBJ_dp2nQO_X7KlmNW4r0M5-RJKSam1CrTXIIgYnSSk_GBCQLTapSPBzXnKjdSoa4_4C1YDjQDmHXwEQdBzDG-td7G4ISfJ1AwQPx1Be76FHX6yAwYEkuL8g&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Request Chain 360
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFAjVOzx3Rs9q0HUc35azPo&google_cver=1&google_push=ASkJ3FZMym4gAc_b4rXCnGOrE9YBIA5-FxJELx0mOEJGknEKAEid6OQv6udFN4P59NK5j9eEvi41KBDvqw-U5uccTt-Zcn-PytN820i7BHK3jrp5Wb9iaOGRxRhV3q8Sb60O9wRYxOfvQKpl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZMym4gAc_b4rXCnGOrE9YBIA5-FxJELx0mOEJGknEKAEid6OQv6udFN4P59NK5j9eEvi41KBDvqw-U5uccTt-Zcn-PytN820i7BHK3jrp5Wb9iaOGRxRhV3q8Sb60O9wRYxOfvQKpl&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
Request Chain 361
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJXsKg_tKCChVNlt0aSBfbU&google_cver=1&google_push=ASkJ3FZ8w9EkCk2xbESKKo43IWKaSneXoKjai2CqfdkSsAJhHCE7ei6-nmznloScBqeCLDPnOUEeGGIi9a3Jrxddnrpd45Qzlg5P3Jo_fRvY6Hq7PPLPzzRYxMZJ_QeaGseY1EUjXQBcmEgN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HUGpivJgRIZW38GiohQPJnRaSso&google_push=ASkJ3FZ8w9EkCk2xbESKKo43IWKaSneXoKjai2CqfdkSsAJhHCE7ei6-nmznloScBqeCLDPnOUEeGGIi9a3Jrxddnrpd45Qzlg5P3Jo_fRvY6Hq7PPLPzzRYxMZJ_QeaGseY1EUjXQBcmEgN
Request Chain 362
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?ext-param=ASkJ3FYjHx6szMYclyjoWfJhqeNcfBavYzqxyPlsmBmdY8G1FZTA3tS8BV6BlaO4aDO19hm-EN-5z7nH1NXeO7N-xFdo28DBRmTnLdqoQKJy5HfP5kLbC6jIno9kMymiIU3TkthLRbwL6poxwQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBiOY_AHTQimo70c1KZRDWI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 372
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 375
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5234464901097473502
Request Chain 376
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FsznDRZHcKyMQD_wQDew9cfI
Request Chain 377
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FsznJLZHwEd6WysHSXumTiv6
Request Chain 378
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7973863310 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/afa73f1e-2282-4722-ab92-69e030e1dce8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dr1%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DRX-2771d978-21e3-48e5-91c1-186eef521a7a-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=r1&refUrl=&vid=92196667583122212667444262000V10&ovsid=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Request Chain 379
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1972084068059896135
Request Chain 381
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F8079%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 382
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
Request Chain 383
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMGM1YTc5ODAtYTkyNy0zZTI0LWFkYTMtZGUwMDFlYTJlMDg2MgIGDDgB%26buyeruid%3D HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F9275%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE1HTTFZVGM1T0RBdFlUa3lOeTB6WlRJMExXRmtZVE10WkdVd01ERmxZVEpsTURnMk1nSUdERGdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Request Chain 384
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
Request Chain 385
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=N7-9-SSXSGS-KFGV7p9xgg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=N7-9-SSXSGS-KFGV7p9xgg
Request Chain 386
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUVUFFRUMtWi00WDhZ
Request Chain 387
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=&expires=30
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOkoLJSP0m_gPWXVX5kNCUY&google_cver=1
Request Chain 389
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWZiM2Y0OGNjY2RmZGQyZjE0NTllMTQ2MjliNmIxMzY2OGM2MzU5MQ
Request Chain 390
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rpUANLcLwga1pAZxfXbDOQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4198352570443258693
Request Chain 391
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ijgA7anMQT6_MHzPavsbIw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ijgA7anMQT6_MHzPavsbIw
Request Chain 392
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LATUAEEC-Z-4X8Y
Request Chain 395
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y35FTk47_C13IzGVNooSSQAAErAAAAAB
Request Chain 396
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y35FUwAJ2X8mQwAW HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y35FUwAJ2X8mQwAW&_test=Y35FUwAJ2X8mQwAW
Request Chain 397
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=SDhcdUo-X3VTPlMlTGpGdkc7WChTO1InHWmDf6_C
Request Chain 398
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=53b9637e-454e-4300-b051-7df97098549b
Request Chain 399
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=SLD7gVEY1OXShS5
Request Chain 400
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANA807G_IsAACCZp7Kynw&expiration=1670429267
Request Chain 401
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HUGpivJgRIZW38GiohQPJnRaSso
Request Chain 403
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-z6sAh164UrcDC4ZbJlmzZoNqqgsJHw
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
Request Chain 406
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Request Chain 407
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LATUAEEC-Z-4X8Y&gdpr=0
Request Chain 408
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5234464901097473502
Request Chain 410
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3526574862333994897
Request Chain 411
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
Request Chain 412
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUU5OTQyODktRjQ1QS00NEU3LUE5MjEtMjU3NDQ1NDk3NEVB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 413
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
Request Chain 414
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
Request Chain 415
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9747df56-993c-4d28-9abe-72fe131b0538&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 419
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5234464901097473502
Request Chain 420
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_4ae4faf0-ba5d-4ab5-a744-091e113e31a6&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008238135447&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522942008238135447&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=826d713c-afa9-4464-b12a-d8dea6e6c944&ssp=gumgum2&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522942008238135447&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 421
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1d41a98a-f260-4486-56df-c1a2a2140f26$ip$116.90.74.202
Request Chain 422
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_4ae4faf0-ba5d-4ab5-a744-091e113e31a6&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=zq2xujy6wtN8OqpAFqWq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26TRGJ4HK2TZGZ3XITRYJ5YXAQKGOFLXCJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26TRGJ4HK2TZGZ3XITRYJ5YXAQKGOFLXCJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zq2xujy6wtN8OqpAFqWq&us_privacy=1---
Request Chain 423
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7018968450 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/afa73f1e-2282-4722-ab92-69e030e1dce8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2771d978-21e3-48e5-91c1-186eef521a7a-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Request Chain 424
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=yT5iDekcOTlE&ev=1&pid=558355
Request Chain 425
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28LQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx_t8baBnRZrmn-ulaEu%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28LQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx_t8baBnRZrmn-ulaEu%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_4ae4faf0-ba5d-4ab5-a744-091e113e31a6&obuid=ENC(LQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx_t8baBnRZrmn-ulaEu) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DLQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx_t8baBnRZrmn-ulaEu%26us_privacy%3D%24CCPA
Request Chain 426
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c82825b8-04d7-4bef-ba59-f76b09e5c1b0
Request Chain 427
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-gPlNa39E2pe7DFfiNVBYXFloWuDFnFh0LNrj~A
Request Chain 428
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=950ebf06-b944-403e-aa1f-085ba9d8d2f5
Request Chain 431
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=689f5466-9bf0-43a2-b5b8-7061fbf7e677
Request Chain 432
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2334647491242059714
Request Chain 436
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=afa73f1e-2282-4722-ab92-69e030e1dce8
Request Chain 437
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Request Chain 438
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y35FVAAJ2yMnWQAW HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y35FVAAJ2yMnWQAW&gdpr=0&gdpr_consent=&_test=Y35FVAAJ2yMnWQAW
Request Chain 441
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y35FU8Co5s0AAAaLTHUAAAAA
Request Chain 443
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y35FTk47-C13IzGVNooSSQAA%264784
Request Chain 444
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=6PDj5x33kMd88fqpqjN7&pi=gumgum&tc=1
Request Chain 445
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 449
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=d66ddc2205&gdpr=0&gdpr_consent=
Request Chain 450
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3044baec-f06a-4a3d-a92c-367d92ef1a42&gdpr=0&gdpr_consent=
Request Chain 451
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOr3iViNvohfVkpITj1dwbB5R4fYfhFOPfqg77HQ&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=2334647491242059714&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOr3iViNvohfVkpITj1dwbB5R4fYfhFOPfqg77HQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/3/7/3.gif?puid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Request Chain 452
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Request Chain 457
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=FsznJLZHwEd6WysHSXumTiv6
Request Chain 458
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g63830ba942760084463&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 459
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Request Chain 461
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004&rndcb=7254367400 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9747df56-993c-4d28-9abe-72fe131b0538&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/1e6dca26-90e0-42bc-9159-ecb88c61fd7f?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-2771d978-21e3-48e5-91c1-186eef521a7a-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 462
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=344553805385465363144
Request Chain 463
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=78f899bba62820a83072a8854f87a97a
Request Chain 464
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=a64c63cc-5350-4ced-a5ba-fe7181b64a13
Request Chain 465
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y35FTk47-C13IzGVNooSSQAA%264784
Request Chain 466
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=5234464901097473502
Request Chain 467
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYqWWh0dHBzOi8vY3MubWludXRlbWVkaWEtcHJlYmlkLmNvbS9jcz9haWQ9MjE0OTUmaWQ9dWEtMGM1YTc5ODAtYTkyNy0zZTI0LWFkYTMtZGUwMDFlYTJlMDg2MgIGDDgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29929%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlxV1doMGRIQnpPaTh2WTNNdWJXbHVkWFJsYldWa2FXRXRjSEpsWW1sa0xtTnZiUzlqY3o5aGFXUTlNakUwT1RVbWFXUTlkV0V0TUdNMVlUYzVPREF0WVRreU55MHpaVEkwTFdGa1lUTXRaR1V3TURGbFlUSmxNRGcyTWdJR0REZ0ImYnV5ZXJ1aWQ9%26uid%3D%24UID
Request Chain 468
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=yT5iDekcOTlE&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Request Chain 469
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminutemedia%26bsw_param%3D1e6dca26-90e0-42bc-9159-ecb88c61fd7f%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=cf143faab8684f0e8437b335c72e9ec0&ssp=minutemedia&bsw_param=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=1e6dca26-90e0-42bc-9159-ecb88c61fd7f
Request Chain 472
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=be99bee9-67e9-40d8-8234-58a674796738&gdpr=0
Request Chain 473
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=db591510-169a-4319-b91c-2cf6672336b4
Request Chain 474
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=c9e56cf9-dd31-4211-b4a7-d82b4faf16aa
Request Chain 477
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 478
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A&gdpr=0&gdpr_consent=
Request Chain 484
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 485
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Request Chain 488
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LATUAEEC-Z-4X8Y HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LATUAEEC-Z-4X8Y
Request Chain 489
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LATUAEEC-Z-4X8Y HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LATUAEEC-Z-4X8Y
Request Chain 493
  • https://c1.adform.net/serving/cookie/match?party=14&cid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&gdpr=0&gdpr_consent=
Request Chain 494
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 495
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y35FVAAJ2yMnWQAW&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 496
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xxc63tc0u19 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 497
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IN5RliLYUpY72F7GJIxLlS_dVcs73V_EdY_78RwB HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 498
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5234464901097473502&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 499
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 500
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LZodSiUTDvuqukwqUEV-Yw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 501
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HUGpivJgRIZW38GiohQPJnRaSso HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 505
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f074879f22834367be40cd8f848a9b6c HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 506
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SLD7gVEY1OXShS5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 507
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004&rndcb=7051712687 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6983446747434331023&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/1e6dca26-90e0-42bc-9159-ecb88c61fd7f?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Request Chain 511
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 514
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LxuR7vBRT1W4S265NGNOxA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 515
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9c6b179799f3529ba134cfec121cab273d999db9050a74bdce13b35e7b6c3650791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5YzZiMTc5Nzk5ZjM1MjliYTEzNGNmZWMxMjFjYWIyNzNkOTk5ZGI5MDUwYTc0YmRjZTEzYjM1ZTdiNmMzNjUwNzkxNDI2YjU0MTdkY2UyMRAAGgwI1Yr5mwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5YzZiMTc5Nzk5ZjM1MjliYTEzNGNmZWMxMjFjYWIyNzNkOTk5ZGI5MDUwYTc0YmRjZTEzYjM1ZTdiNmMzNjUwNzkxNDI2YjU0MTdkY2UyMRAAGgwI1Yr5mwYSBAgCEABCAEoA&google_gid=CAESEH3gPM07XdERVqZrRmtfHsg&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
Request Chain 516
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=53b9637e-454e-4300-b051-7df97098549b
Request Chain 517
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkYxQjkxRUUtRjA1MS00RjU1LUI4NEItNkVCOTM0NjM0RUM0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 518
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDsMYkk_0PYmL8L_urcXJ6I&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 519
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DB3ED47D56E04D00A9BDFECFD5ED10D8 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 521
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Request Chain 522
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w8AeXglE2uWelxPkeSR26GXsRHMjFWQ-~A&gdpr=0&gdpr_consent=
Request Chain 523
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7525670766553854172
Request Chain 524
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e6dca26-90e0-42bc-9159-ecb88c61fd7f
Request Chain 525
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4488901378171304141&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 527
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5234464901097473502
Request Chain 528
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-0wwPF54ebHVHPUo8V9eXfkXaJ2jxJg
Request Chain 530
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iOOuN-pkT_tvgcv-PhJqTudmxbom6rMxNH4up8hLlaw
Request Chain 532
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=1&gdpr_consent=
Request Chain 534
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5234464901097473502
Request Chain 538
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
Request Chain 540
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
Request Chain 544
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LATUAEEC-Z-4X8Y HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LATUAEEC-Z-4X8Y
Request Chain 547
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LATUAEEC-Z-4X8Y HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LATUAEEC-Z-4X8Y
Request Chain 552
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D42561696ce1c6d21%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=42561696ce1c6d21&uid=06cb0e07-955d-4050-b6ae-279340ee027b
Request Chain 554
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D42561696ce1c6d21%26uid%3D%24UID HTTP 302
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=42561696ce1c6d21&uid=5234464901097473502

579 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
www.bg3.co/a/ 		52 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
db30278a860c54cc5effe0915a4f84ddac85914cb3b52bc72d610d790ec5fad2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Nov 2022 16:07:35 GMT
ETag
"d09a-ppXDnJBsOJclOubmJDgM9odSJas"
Expires
Wed, 23 Nov 2022 17:07:35 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 16:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8982a451fc00c1b3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 16:07:37 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 16:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"6079829c87823654"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 16:07:37 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 16:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
etag
"1ef491f2ce412f6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 16:07:37 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 16:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31953
x-xss-protection
0
server
sffe
etag
"eddf6e9f984d26cc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 16:07:37 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2434
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44566
last-modified
Wed, 16 Nov 2022 08:39:32 GMT
server
cloudflare
etag
"6374a1c4-ae16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSk30l3krb6cCW7y7WPebbEN8Q9IoxRhL4rHRxuTFyyFu%2BnxBT6us3bRdYF%2FMFNo6Iku4y7atRsyUjEKx8LvstKD1t0CSN1lApO9WWd7b9tX9qmr7l%2BLfkprbLzxbdjTow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76eb28ac9883aafb-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 23 Nov 2022 16:07:37 GMT
content-encoding
br
last-modified
Wed, 23 Nov 2022 08:00:19 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
9035
expires
Wed, 23 Nov 2022 17:07:37 GMT
adpushup.js
cdn.adpushup.com/42753/ 		518 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 23 Nov 2022 16:07:37 GMT
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:46:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
114452
expires
Wed, 23 Nov 2022 17:07:37 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:38 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNqm+ZsGEogBCiQyY2RjNjAwOS00OTIxLTRmYTctYjUzZC03ZTZlOWRjYjE4YTAQ6JCNkN3O+gIaBgjKivmbBiINMTE2LjkwLjc0LjIwMij4wwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDNhMjkzMDMxLTgwZjYtNGYwMC1iODJiLWQ1NDk2Y2E3MWJmZBi46QE=.GEJvt9L59kSJYi8eGfCmJ78rQ5aWqqNAF5KddcQD5YU=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1669219658.dop067.la3.t,1669219658.cds209.la3.hn,1669219658.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
a01ecaef88ff7f639a42456ac8515b45.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a01ecaef88ff7f639a42456ac8515b45.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
84390069eb13b5b8f8f44ec7017fce73.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/84390069eb13b5b8f8f44ec7017fce73.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cd5e8af978c8af90d260fc2fcfdfc937.jpg
static.bg3.co/imgs/202201/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/cd5e8af978c8af90d260fc2fcfdfc937.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2fff11f14936b40d8faf7c1c33a11daa.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2fff11f14936b40d8faf7c1c33a11daa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a15a833bb81943461b4929c81b1e2fc3.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a15a833bb81943461b4929c81b1e2fc3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
942d70de392d0e4aa743cb7b02ea162f.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/942d70de392d0e4aa743cb7b02ea162f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
574eb8f8637dbc321dd17ec77dee4d4f.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/574eb8f8637dbc321dd17ec77dee4d4f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
332609cf8cbac61369f6d57d7dad580f.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/332609cf8cbac61369f6d57d7dad580f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0588aaed69cfe2babaf462133dfb4ad9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0588aaed69cfe2babaf462133dfb4ad9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
35eb9a239baec6c4efa811e6de46d49c.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/35eb9a239baec6c4efa811e6de46d49c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
000a4a0aecfa41e6fe2a67df9eba0cb2.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/000a4a0aecfa41e6fe2a67df9eba0cb2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
aaf72be8146e33023a3df88a0edfd452.jpg
static.bg3.co/imgs/202109/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/aaf72be8146e33023a3df88a0edfd452.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
39e36537acd271b53387948b1bf1b7d7.jpg
static.bg3.co/imgs/202203/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/39e36537acd271b53387948b1bf1b7d7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5ba8e4235292d0f5e2725b00db84fd1c.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5ba8e4235292d0f5e2725b00db84fd1c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 20:06:17 GMT
age
72081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"413d5b5eb26df1c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 20:06:17 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 20:06:01 GMT
age
72097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3936
x-xss-protection
0
server
sffe
etag
"2e876f41249f1a45"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 20:06:01 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 17 Nov 2022 00:15:08 GMT
age
575550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23066
x-xss-protection
0
server
sffe
etag
"1b79e24071ca714c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Nov 2023 00:15:08 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
292c23cd0cb7646eed1e5951fa827a4698507c5f45bab13797559eaeaafe8007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5047
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am0zE6eDZMmElGsnf4eNVaIRxMuVVGf%2BZdyb4vU%2FBdmjGJCUf%2FPO7H9%2Fi1jgDVV0NRqs12%2F2k%2BTPsNL6bm7OD5vY4hn4S6MnOAs%2BsXSE%2FpwRgblFMV8rj51SFdRdXiEk7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
76eb28aeb9a9aafb-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:38 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:38 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5338315880996987&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:38 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.20048649448389555&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:38 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:38 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNqm+ZsGEogBCiRlOTllMmIyZC1mMDc0LTQ5NjMtYWEyMi0xODUwZTE0ZTdlODEQ6JCNkN3O+gIaBgjKivmbBiINMTE2LjkwLjc0LjIwMij4wwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGEwZDYyYTY4LTQyMGEtNGI3MS04OWJmLTBiMzU1NjAzYjJmYRib8QE=.1E5wwaLcUXJjtd7IHeAitA1kWnLH9cy50WJEGY2h0Do=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1669219658.dop067.la3.t,1669219658.cds209.la3.hn,1669219658.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B400 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
53c315e1e783a31b00700e00206e887dc1dc8ecc6661f66ec7ab415f7f7c4c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34228
x-xss-protection
0
server
cafe
etag
9657586030333982139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:39 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 80B3 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
badfa14d323f05f827036b9d5a12835fd3c3684af084a0c845e71ab432082073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34255
x-xss-protection
0
server
cafe
etag
5329660436107822625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:39 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 16:13:29 GMT
age
172449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10255
x-xss-protection
0
server
sffe
etag
"4d52d329cbd34968"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 16:13:29 GMT
gtag.json
cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 20:10:34 GMT
age
71825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"f8777e0f4a2af1a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 20:10:34 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1669219658973
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 23 Nov 2022 16:07:39 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
631
expires
Wed, 23 Nov 2022 17:07:39 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 378D 		714 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76eb28b578f3a807-SYD
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 16:07:39 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9ODPTpgVAyIqlqh9RZ0BnwZZFGUQMh2YtKQcukUIw%2BONopGANYVxqpRb9QMbTgYUQGgabE%2BC%2F0jULwunw%2FKy5Z3FKeUx8eHdyeD7WDa6A87GxwwTcRR%2FYSgqNDRMCI7Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:39 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame B905 		714 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76eb28b588fca807-SYD
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 16:07:39 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGMai9jaykNq9EL%2BshsZpxSyYA3lGYs%2FsAU2ZRkSCrIgil%2FWDrQ0XZlCb1QakMcoNSCR3qCvpGWeLWRtylR%2BulHB%2BpLLkXBksrJxq%2BqKLiS5hA4aXJ%2BTaqDeY%2BfFSm7PcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 20:11:15 GMT
age
71784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57837
x-xss-protection
0
server
sffe
etag
"23f3142da2c5be06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 20:11:15 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 23 Nov 2022 16:07:40 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=21
content-length
94168
expires
Thu, 23 Nov 2023 16:07:40 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 23 Nov 2022 16:07:40 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=49
content-length
211
expires
Thu, 23 Nov 2023 16:07:40 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 23 Nov 2022 16:07:40 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=18
content-length
17440
expires
Wed, 23 Nov 2022 17:07:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1400 / 718 of 1000 / last-modified: 1669205225"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Nov 2022 16:07:39 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:39 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 378D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1400 / 686 of 1000 / last-modified: 1669205225"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Nov 2022 16:07:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B905 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1400 / 824 of 1000 / last-modified: 1669205225"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Nov 2022 16:07:39 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjkyMTk2NTkzMzIsInBhY2tldElkIjoiMDAwMEE3MDEtZTdhNDliNjktYWQ2NC00ZjJmLTgzNDItYjNmNzViNzRhMmYzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLXNob3UtdGFpLXdhbi1zaG91LXpoYW4tamluZy1jYWktZHVvLXNoZW5nLXdlaS1saWFuLXd1LWh1LWJlaS1xaXUtbWkteGlhbi1iYW8taHVhbi1yZW4temh1LWNoaS1ydS1oZS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=4510.400000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:39 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjkyMTk2NTkzMzIsInBhY2tldElkIjoiMDAwMEE3MDEtZTdhNDliNjktYWQ2NC00ZjJmLTgzNDItYjNmNzViNzRhMmYzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLXNob3UtdGFpLXdhbi1zaG91LXpoYW4tamluZy1jYWktZHVvLXNoZW5nLXdlaS1saWFuLXd1LWh1LWJlaS1xaXUtbWkteGlhbi1iYW8taHVhbi1yZW4temh1LWNoaS1ydS1oZS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=4511.10000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:39 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjkyMTk2NTkzMzIsInBhY2tldElkIjoiMDAwMEE3MDEtZTdhNDliNjktYWQ2NC00ZjJmLTgzNDItYjNmNzViNzRhMmYzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLXNob3UtdGFpLXdhbi1zaG91LXpoYW4tamluZy1jYWktZHVvLXNoZW5nLXdlaS1saWFuLXd1LWh1LWJlaS1xaXUtbWkteGlhbi1iYW8taHVhbi1yZW4temh1LWNoaS1ydS1oZS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=4511.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:39 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:39 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
1076
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Wed, 23 Nov 2022 20:07:39 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjkyMTk2NTkzMzcsInBhY2tldElkIjoiMDAwMEE3MDEtZTdhNDliNjktYWQ2NC00ZjJmLTgzNDItYjNmNzViNzRhMmYzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLXNob3UtdGFpLXdhbi1zaG91LXpoYW4tamluZy1jYWktZHVvLXNoZW5nLXdlaS1saWFuLXd1LWh1LWJlaS1xaXUtbWkteGlhbi1iYW8taHVhbi1yZW4temh1LWNoaS1ydS1oZS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=4516.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:39 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjkyMTk2NTkzNDAsInBhY2tldElkIjoiMDAwMEE3MDEtZTdhNDliNjktYWQ2NC00ZjJmLTgzNDItYjNmNzViNzRhMmYzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLXNob3UtdGFpLXdhbi1zaG91LXpoYW4tamluZy1jYWktZHVvLXNoZW5nLXdlaS1saWFuLXd1LWh1LWJlaS1xaXUtbWkteGlhbi1iYW8taHVhbi1yZW4temh1LWNoaS1ydS1oZS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=4519.199999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:39 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 23 Nov 2022 16:07:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-26381953272988190151.ampproject.net/2211042305000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-26381953272988190151.ampproject.net/2211042305000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ Frame B400 		354 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
bf747d03c51aaa3690742886f12dff8050ea067f931b203720988c9d1366c083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119216
x-xss-protection
0
server
cafe
etag
6755253356741338566
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:40 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 378D 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Wed, 23 Nov 2022 16:07:40 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E9%AD%94%E7%8D%B8%E8%87%BA%E7%81%A3%E9%A6%96%E6%88%B0%E7%B2%BE%E5%BD%A9%E5%A5%AA%E5%8B%9D%EF%BC%81%E3%80%80%E5%A8%81%E5%BB%89%E3%80%8C%E5%97%9A%E5%91%BC%E3%80%8D%E8%A2%AB%E7%90%83%E8%BF%B7%E5%AB%8C%E7%88%86%EF%BC%9A%E6%8F%9B%E4%BA%BA%E4%B8%BB%E6%8C%81%E5%A6%82%E4%BD%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.22696926725179978&gjid=0.4916562415955519&_r=1&a=1499&z=0.20954423508934994&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame B905 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 80B3 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
3d2a8309a273bb5add8dd11e8c413bad68ccc9ac9568121799b1d2fc7af615f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119610
x-xss-protection
0
server
cafe
etag
5972306165391916738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:40 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2F52 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13191368671281267234&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2940&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=1499&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&ga_hid=1499&dt=1669219659851&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&bdt=3494&dtd=688&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:41 GMT
expires
Wed, 23 Nov 2022 16:07:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
etag
"nAbmxtqHqaYrwBiADJAeFg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 30 Nov 2022 16:07:41 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame B400 		379 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
8b9ddc9bd0919c6340467aea623a72bcbf6d4e7ed415b7d557c82ad80ae4fce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame B400 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B400 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame A2D1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219660&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-26.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
758
content-length
673
content-type
text/html
date
Wed, 23 Nov 2022 15:55:14 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 682a73fb2198f321ef89332a6cb933ee.cloudfront.net (CloudFront)
x-amz-cf-id
uF0Y1YM9W9m0mckYRjZbhGjLQAe5Mxo4r_dXta9qX0DVFs4-Na8Kxw==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:41 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 378D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 378D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 378D 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917744441302965&correlator=366605394200675&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1669219660936&lmt=1644386353&dlt=1669219659307&idt=1607&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=kxo2wy1k4w6m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=472875446.1669219661&ga_sid=1669219661&ga_hid=962787561&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
d7fd5cf1a3b02ceb2211afa76f1e1d445d5f70fcbbef9bb9c8affaf1b38d3ec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1b1817e6c3b94efadd24cffb68e40941.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 411B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1b1817e6c3b94efadd24cffb68e40941.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:41 GMT
expires
Thu, 23 Nov 2023 16:07:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame B905 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B905 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B905 		492 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2008182510720030&correlator=1850929605932182&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1669219661140&lmt=1644386353&dlt=1669219659316&idt=1815&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=f8rdunrbp660&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1770094441.1669219661&ga_sid=1669219661&ga_hid=1323954210&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
39937536c075104a2885abe8db0e1b01268c2465ff1f0bbc70fdf06fc4c624f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
91fa9f7cf749f4efa07098eb7fc6fedd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 895D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://91fa9f7cf749f4efa07098eb7fc6fedd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:41 GMT
expires
Thu, 23 Nov 2023 16:07:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221123
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ce65f09dd4d96cd8ac7103fb9896fed13449485f3a5f707f855f94ba20c395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3992
x-jsd-version
1.0.1533
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66d-uDNvjw1GnPJ2+/j4dcNl6z5kM8s"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdSkeNcn6v6pK8js6O4NMnpOAxD1uEAf0cs7FkfJRN4Dbfdf3HIIEQGrJMBmCb8yuM7KgLlrhusnyMulPSwUxzVVwSe8E%2Fv7XAKtDeu7YslUrGU73ovE4N1K5oT8mFuZmLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76eb28c4abc1a831-SYD
cygnus
htlb.casalemedia.com/ 		36 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213f18ea92dfcff%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228b737296116054%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22111f4b7b3e48e34%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22127350a8fc9a096%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ecb9be91-8545-4c4e-87f4-2f6ea592f30b%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ab088f11f675c1f4e78e0b26e8a881db3808bdbf44171d142fe410fa73d74a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McJETZ2q8Ex6lI3KmT5T69fzK1P2VN1XMRHIumnn15wvWq9mSC2RD7wWKibgD%2FeUkwhY27Fhcde35%2BJQ939Pzk22iZTYQX%2F%2FI4ccyMrmi%2FYcVulx673f0Vb0VrBghpvpldEgeMxg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76eb28c4dedaa811-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213f18ea92dfcff%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22111f4b7b3e48e34%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22127350a8fc9a096%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ecb9be91-8545-4c4e-87f4-2f6ea592f30b%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ab088f11f675c1f4e78e0b26e8a881db3808bdbf44171d142fe410fa73d74a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggbL4APRLZcqzZpq%2B5JbxZ2iKWDieFukrzZ8v4MYXn1SC4x6GcZ15hk6dwGUKRPL%2FfocpGXOdeGgd9bjl0UR%2Fj2Mw3Nqno2DqgQrD7TbEC3Oter%2B2nuJw8zz2DIa9%2B6ruY%2FVhiAU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76eb28c4dedba811-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.101.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-101-164.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
19
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.226.248 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-226-248.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c8ff39ac0b6e21fa473efa1c13675ba719d99c87ffdbaf0e9e8b743276dec8b8

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.226.248 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-226-248.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
2f30935c43a26c96948af24e37be557b7aab9e0190c85df22e6858d8a9260bdc

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.226.248 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-226-248.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
f1318f0d6173aebc47e024292ea163ace6c28181a59e061bfa4e52dde3e3d7a5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=ecb9be91-8545-4c4e-87f4-2f6ea592f30b%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=1842552d-7e1f-487c-ac3c-35f39ec15b9d%3B09e68ba2-fd1e-4a9d-975c-2ae86ef9a4cb%3B5416b0aa-abda-430d-b5b0-8a128ed23c4f&l_pb_bid_id=20f160fc35a965%3B21c5073cb2af6c8%3B22683718b8a1847&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.9457808334760105
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
08457689ada26b1ecf9f1d56293b1fff488e8e443253d579340cf58b8b99a96f

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bdece9b0306202e51b834ec772778812f53c647d1c97fac1ec714e3c8b94bbe2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:42 GMT
AN-X-Request-Uuid
53c061fd-5e52-4b03-8812-d625236d16da
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
102a961beb7ddb796d6b12eef753b5d43e7009134314e6a31208b8d2406ae187

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 23 Nov 2022 16:07:41 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Wed, 23 Nov 2022 16:07:41 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=37805875518
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5462
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.6.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-6-26.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8a88fa3d03c13cbc28e3e82271d94fddd5a1ebcf4bc7108d4b178e9cf824590a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
7439
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a429fabc-444e-4198-b296-873c805e4028%2C4ecb561d-de3e-4a11-8efd-9bf11794d0be%2C5f2d9330-cc01-4b65-983d-507d713fe01b&nocache=1669219661224&pubcid=ecb9be91-8545-4c4e-87f4-2f6ea592f30b&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0e960c37ec49f43d04f05c69d4a662b70cf72ae5bd9f6ca94682d1d7b8ab7a19

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=157924e7-eec2-4945-8a4d-f6f53deb6a76&nocache=1669219661225&pubcid=ecb9be91-8545-4c4e-87f4-2f6ea592f30b&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=956aa179-1bf3-4e82-8527-a692356f1632&nocache=1669219661225&pubcid=ecb9be91-8545-4c4e-87f4-2f6ea592f30b&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3809c4cd-317f-4dd3-b138-718a90446387&nocache=1669219661225&pubcid=ecb9be91-8545-4c4e-87f4-2f6ea592f30b&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:41 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
edbf0bfcbf4ae18149e4001e2b1e14fd11b956496d34a60b2b11991b4204e497

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
103
alt-svc
clear
expires
Wed, 23 Nov 2022 16:07:41 GMT
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 23 Nov 2022 16:07:42 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 80B3 		379 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
96e4c2dc075b2b7d23005c5ee413d5a66563a2e6fd032b580aad79a49eb1ee71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 80B3 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 80B3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5469 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
5165d62c9140e7cfe58cfef713160a27ab6e90540b4279ffe2159c37a4af0879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11727
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:41 GMT
expires
Wed, 23 Nov 2022 16:07:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 15:26:59 GMT
via
1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
GdP4_zRbCxqcojGkixjKoZ4vMlwdaav92fSlPvNaDY2KgV1YyVnrYA==
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI5OTQzMzBfMTY2OTIxOTY2MTc1MiIsInVzZXJJZCI6IjQ1Mzc3NV8xNjY5MjE5NjYxNzUyIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMjM4NTk4XzE2NjkyMTk2NjE3NTIiLCJwYWdlUGF0aCI6IiUyRmElMkZtby1zaG91LXRhaS13YW4tc2hvdS16aGFuLWppbmctY2FpLWR1by1zaGVuZy13ZWktbGlhbi13dS1odS1iZWktcWl1LW1pLXhpYW4tYmFvLWh1YW4tcmVuLXpodS1jaGktcnUtaGUuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZtby1zaG91LXRhaS13YW4tc2hvdS16aGFuLWppbmctY2FpLWR1by1zaGVuZy13ZWktbGlhbi13dS1odS1iZWktcWl1LW1pLXhpYW4tYmFvLWh1YW4tcmVuLXpodS1jaGktcnUtaGUuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjkyMTk2NjE3NTN9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 23 Nov 2022 16:07:42 GMT
Server
nginx/1.18.0 (Ubuntu)
L2EvbW8tc2hvdS10YWktd2FuLXNob3Utemhhbi1qaW5nLWNhaS1kdW8tc2hlbmctd2VpLWxpYW4td3UtaHUtYmVpLXFpdS1taS14aWFuLWJhby1odWFuLXJlbi16aHUtY2hpLXJ1LWhlLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvbW8tc2hvdS10YWktd2FuLXNob3Utemhhbi1qaW5nLWNhaS1kdW8tc2hlbmctd2VpLWxpYW4td3UtaHUtYmVpLXFpdS1taS14aWFuLWJhby1odWFuLXJlbi16aHUtY2hpLXJ1LWhlLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 23 Nov 2022 16:07:42 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=129, origin; dur=207
content-length
555
expires
Wed, 23 Nov 2022 17:07:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 378D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
67da69cdc19c9b1ae2f686c85731e341d05d0c1a10336e72dc4f1c9de4d52598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12572
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 5469 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ch00GTUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSQAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv4EoOgV6Ynp6As4c3RVRgif6fZy32KCOy_9nXk-vQV-Ykj4Zuyy9gAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=FN7xH7Wpb8Q&uach_m=[UACH]&cid=CAQSKQDq26N9z4sPmd-PTew0IW1_hHNHrsIFuaTmgPzPdvFp_B8tq0TFyQAQGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 23 Nov 2022 16:07:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 5469 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k8jmDZ_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQTUV-Y5QIgiIPzBt9ZUAHABIAAA&wp=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
185098
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame DDF9 		128 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
17a6b98ba4a3532767232390ece9dd635556ec9f9fd253c262f367c083289abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=pRF7RN14Hi00ljby8zvCTAqv1F0e69dsYgETtBv43-TFy0CklC0O4a3dbI4WvlFaSNz9mMNow4FzQXmFzVBTv2OXR4m0dKU9MQKR-TDTcJ62S6LLxMmDjhEZgtx7fPgmu_o2sa_0rA9f5sDr7xbN4B4hPuKYgPeE74cR07e0J-DRb3ArOaihkFa9auyDDTo5LbJoXTUrRdS7KiPNw00jB8481moFz2-xi_GWmaM8yHva6_wmdzz0b5qbUvHGTbsLlpwd3z3Jnpy9prTT"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
40945165
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5469 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 04:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
43439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 04:03:43 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 965D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
50462
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:06:40 GMT
etag
48472445140208031
expires
Thu, 24 Nov 2022 02:06:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5469 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
85590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame 5469 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTu8v_x7CeBMRdYliYFgS4x1-dQpgoVeYIaPf_WeVKIe5onKDvSotyZ0iVHujq5aO8zeSGS1sYffZ_4BLoPaKj8am2jIA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5469 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B905 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
8b4fa353f4abec9a684db911cdf1c84190be899c4ee774517b0f91ee64020431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12394
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 378D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:43 GMT
pixel
cm.g.doubleclick.net/ Frame 965D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC_SgTKR2z95cii21SIMQRk&google_cver=1&google_push=ASkJ3FZa2tRThWiZBF46OKTAbhWSATmBURQ2w_A-p0KpJFdUeVYCOZSgJV2DeSXxdCeTE60jbQGgGlokUidLSCaY...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZa2tRThWiZBF46OKTAbhWSATmBURQ2w_A-p0KpJFdUeVYCOZSgJV2DeSXxdCeTE60jbQGgGlokUidLSCaYHLVtMnT0ENnB
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZa2tRThWiZBF46OKTAbhWSATmBURQ2w_A-p0KpJFdUeVYCOZSgJV2DeSXxdCeTE60jbQGgGlokUidLSCaYHLVtMnT0ENnB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 23 Nov 2022 16:07:42 GMT
Server
MT3 169 32252b7 master nrt-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZa2tRThWiZBF46OKTAbhWSATmBURQ2w_A-p0KpJFdUeVYCOZSgJV2DeSXxdCeTE60jbQGgGlokUidLSCaYHLVtMnT0ENnB
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:41 GMT
pixel
cm.g.doubleclick.net/ Frame 965D
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3FbVolndsSCjuDrLgEH09v-D-zKKAutrIJt0DCSHeWfFSehW5So2qve5ZwHdyqwwPgm4MlRMeFcjvno_5ZDkQdoautZ-LD-RDg&google_gid=CAESEJeRQoyuTh7OOhFj6ti4l_k&goog...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=ASkJ3FbVolndsSCjuDrLgEH09v-D-zKKAutrIJt0DCSHeWfFSehW5So2qve5ZwHdyqwwPgm4MlRMeFcjvno_5ZDkQdoautZ-LD-RDg&google_gid=CAESEJeRQoyuTh7OOhFj6ti4...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FbVolndsSCjuDrLgEH09v-D-zKKAutrIJt0DCSHeWfFSehW5So2qve5ZwHdyqwwPgm4MlRMeFcjvno_5ZDkQdoautZ-LD-RDg&google_hm=AVHcRXH_XYsiks8ADxwU...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FbVolndsSCjuDrLgEH09v-D-zKKAutrIJt0DCSHeWfFSehW5So2qve5ZwHdyqwwPgm4MlRMeFcjvno_5ZDkQdoautZ-LD-RDg&google_hm=AVHcRXH_XYsiks8ADxwUu-B-iMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FbVolndsSCjuDrLgEH09v-D-zKKAutrIJt0DCSHeWfFSehW5So2qve5ZwHdyqwwPgm4MlRMeFcjvno_5ZDkQdoautZ-LD-RDg&google_hm=AVHcRXH_XYsiks8ADxwUu-B-iMA
cache-control
no-cache
content-length
0
x-amz-cf-id
EkJ6rqaERp7Z4KkZUAp1ZphucVCeHSrU8Pgl_04sC_qjCB1UjbMTew==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 965D
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEDwXDqWhA0EtSlZcl_vSu2k&google_cver=1&google_push=ASkJ3FbajhOHErdj4wtnmbIDMvZLRcURpBdGKLI-_M42eslxjbcbEkJQiDgQPWovelO6vAnUoTYMo77xw1lnSmNheei9Q0EyzPN0pg
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ASkJ3FbajhOHErdj4wtnmbIDMvZLRcURpBdGKLI-_M42eslxjbcbEkJQiDgQPWovelO6vAnUoTYMo77xw1lnSmNheei9Q0EyzPN0pg&google_hm=NTFiRzdoMDA2QkRBWTAwO...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ASkJ3FbajhOHErdj4wtnmbIDMvZLRcURpBdGKLI-_M42eslxjbcbEkJQiDgQPWovelO6vAnUoTYMo77xw1lnSmNheei9Q0EyzPN0pg&google_hm=NTFiRzdoMDA2QkRBWTAwOFRKeWw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Wed, 23 Nov 2022 16:07:43 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ASkJ3FbajhOHErdj4wtnmbIDMvZLRcURpBdGKLI-_M42eslxjbcbEkJQiDgQPWovelO6vAnUoTYMo77xw1lnSmNheei9Q0EyzPN0pg&google_hm=NTFiRzdoMDA2QkRBWTAwOFRKeWw
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame 965D
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESECfIZ9m6cl5w28zPozG8RT4&google_cver=1&google_push=ASkJ3Fb-jNacQOEw0dA_6vs0waOjDG1LF75RLW3sxbl3mCVyKn3U2lV4bq1LE2qxDl55GzaRBT7yP1O-5j_9cLb...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3Fb-jNacQOEw0dA_6vs0waOjDG1LF75RLW3sxbl3mCVyKn3U2lV4bq1LE2qxDl55GzaRBT7yP1O-5j_9cLbawyi1JOuITQPJ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3Fb-jNacQOEw0dA_6vs0waOjDG1LF75RLW3sxbl3mCVyKn3U2lV4bq1LE2qxDl55GzaRBT7yP1O-5j_9cLbawyi1JOuITQPJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3Fb-jNacQOEw0dA_6vs0waOjDG1LF75RLW3sxbl3mCVyKn3U2lV4bq1LE2qxDl55GzaRBT7yP1O-5j_9cLbawyi1JOuITQPJ
Date
Wed, 23 Nov 2022 16:07:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 965D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFJs9d_M-L1prgLofwsAY7A&google_cver=1&google_push=ASkJ3FZapFu8GW-EiR1bbEfmEdFqNxgQG-pxvrSEfAqt5kNfF-K3tfa_sekFrWgQFLmy6uL0CxVlnSg9laFky...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFJs9d_M-L1prgLofwsAY7A&google_push=ASkJ3FZapFu8GW-EiR1bbEfmEdFqNxgQG-pxvrSEfAqt5kNfF-K3tfa_sekFrWgQFLmy6uL0CxVlnSg9laFky...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FZapFu8GW-EiR1bbEfmEdFqNxgQG-pxvrSEfAqt5kNfF-K3tfa_sekFrWgQFLmy6uL0CxVlnSg9laFkyRLfdEEVL2bNdISP&google_hm=enEyeHVqeTZ3dE44T3Fw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FZapFu8GW-EiR1bbEfmEdFqNxgQG-pxvrSEfAqt5kNfF-K3tfa_sekFrWgQFLmy6uL0CxVlnSg9laFkyRLfdEEVL2bNdISP&google_hm=enEyeHVqeTZ3dE44T3FwQUZxV3E=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FZapFu8GW-EiR1bbEfmEdFqNxgQG-pxvrSEfAqt5kNfF-K3tfa_sekFrWgQFLmy6uL0CxVlnSg9laFkyRLfdEEVL2bNdISP&google_hm=enEyeHVqeTZ3dE44T3FwQUZxV3E=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 965D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_push=AS...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_hm=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&google_nid=index&google_push=ASkJ3FY4mlUlj7qZdgVHLs8iLNlWJGKXI49Kg...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_hm=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&google_nid=index&google_push=ASkJ3FY4mlUlj7qZdgVHLs8iLNlWJGKXI49Kg0DK52BWs6BZHAkNB7oMudZmggtA5aadAXFGxmWaBLoDPStmNswLrJKVLo230PrsWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjAkgHlXMUA%2B1YIORRJ%2BAVoozhT0Aj88WX58sso3J6tHTxf87xQJbb5Zodi1FyaIdW2qiaufwfy4dJ1CnocVlduFcTxeo%2BIqQIm64vfD3NnL2bTqraEVnDT1OJa5E145srO0QcdFqIzV4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_hm=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&google_nid=index&google_push=ASkJ3FY4mlUlj7qZdgVHLs8iLNlWJGKXI49Kg0DK52BWs6BZHAkNB7oMudZmggtA5aadAXFGxmWaBLoDPStmNswLrJKVLo230PrsWA
cache-control
no-cache
cf-ray
76eb28cd2e3feeaa-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 965D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FYE6KTp7wxzDjxVMMw4n0rtdL2tLSOvKeU2ivAoxjmVPos2weOSlQIjQyRqKylzsHuva8jhOubjtcI_AQNjqQ2K-NejO5Qe&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FYE6KTp7wxzDjxVMMw4n...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYE6KTp7wxzDjxVMMw4n0rtdL2tLSOvKeU2ivAoxjmVPos2weOSlQIjQyRqKylzsHuva8jhOubjtcI_AQNjqQ2K-NejO5Qe&google_hm=BCdx2Xgh40jlkcEYbu9SGno
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYE6KTp7wxzDjxVMMw4n0rtdL2tLSOvKeU2ivAoxjmVPos2weOSlQIjQyRqKylzsHuva8jhOubjtcI_AQNjqQ2K-NejO5Qe&google_hm=BCdx2Xgh40jlkcEYbu9SGno
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYE6KTp7wxzDjxVMMw4n0rtdL2tLSOvKeU2ivAoxjmVPos2weOSlQIjQyRqKylzsHuva8jhOubjtcI_AQNjqQ2K-NejO5Qe&google_hm=BCdx2Xgh40jlkcEYbu9SGno
date
Wed, 23 Nov 2022 16:07:44 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2771d97821e348e591c1186eef521a7a004
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 965D 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IodGNPi_MPeTR4cygXL7vs3lGGDEh-Bmdh1-DZq3VuYKD6_WTVPp5jzMXjqAAt0i-BANb-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel;r=262837987;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html;uh=e51ed67dfb...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=262837987;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1719831330-1669219661474;pbc=ecb9be91-8545-4c4e-87f4-2f6ea592f30b;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1669219662227;tzo=0;ogl=;ses=52a7efb1-fa9a-4366-b3c9-704ebfa50c68
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A2D1 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
2cff43e92f56ce5b2ad60b9576968dc98142432921b81ef1e210a50ff9d7042e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34222
x-xss-protection
0
server
cafe
etag
9317034768125724210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B905 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:43 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2de13d74b5cfa7034d0902203daa25986a89d136b8e512fc5200ef4b77431da9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78329
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Nov 2022 16:07:42 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9tby1zaG91LXRhaS13YW4tc2hvdS16aGFuLWppbmctY2FpLWR1by1zaGVuZy13ZWktbGlhbi13dS1odS1iZWktcWl1LW1pLXhpYW4tYmFvLWh1YW4tcmVuLXpodS1jaGktcnUtaGUuaHRtbCIsInRpbWUiOjE2NjkyMTk2NjI0MzN9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 23 Nov 2022 16:07:42 GMT
Server
nginx/1.18.0 (Ubuntu)
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ Frame A2D1 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
b55ecbf4dd3cac1378c0d98307a7f46703da201d27b9bf1204301e567006bf52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119216
x-xss-protection
0
server
cafe
etag
16292395550147350811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:42 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DDF9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 16:07:43 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame DDF9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 16:07:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DDF9 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 18 Nov 2023 16:07:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DDF9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 18 Nov 2023 16:07:43 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame DDF9 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=A57q0NcoigJOBeypeqOkoG4CeIx3QlvPeG5sN7RFO1iqoZ9asXkDNFpoS6uR-1phj10wtdYdUm6xTzAtGDW0KiGdLpQUrNxDOF7hUEtMBGrzYtC3gjNxuWgJrPq_QftfSjNSaRqDPaVYCuJqPUQcCieMuPjBbLDaAA7KjBOgzY476h2H4wYprR6VGEz6zPqImXb2Uctss1ppeHZDZXk0Cn0Ul5P6tmBncPrhoMIgeKRcOcFPNULbYMPdkTS9SrpWNyk_SeBY22mfvmCjY7t6KlBI3wkiDGcYTl6NWrpvze8fQBDBfILbFp79j7fZDIJ3NhPNVHQC7zq4ZUoyQOhHH3le3O5wPJbsIsCioQsr63TnqLCPWhxwkEiaCkLzRYsykL2rqd2tH7vwJObiwzWOp9BLYHLMLYIfVsm1713HbTiEcqrw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
11081383
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 5469 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d829fd44c171d5be64f8774e4ca63ce088d862bdb2164e009d0202781e18ea92

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tby1zaG91LXRhaS13YW4tc2hvdS16aGFuLWppbmctY2FpLWR1by1zaGVuZy13ZWktbGlhbi13dS1odS1iZWktcWl1LW1pLXhpYW4tYmFvLWh1YW4tcmVuLXpodS1jaGktcnUtaGUuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWU3YTQ5YjY5LWFkNjQtNGYyZi04MzQyLWIzZjc1Yjc0YTJmMyIsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZDI0NmYxNzQtZWM1ZS00MmM3LTgzNDctYjk1NGIyN2FmZjM2IiwidGltZU9mQXVjdGlvbiI6MTY2OTIxOTY2MTE4OSwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZDI0NmYxNzQtZWM1ZS00MmM3LTgzNDctYjk1NGIyN2FmZjM2IiwidGltZU9mQXVjdGlvbiI6MTY2OTIxOTY2MTE4OSwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImQyNDZmMTc0LWVjNWUtNDJjNy04MzQ3LWI5NTRiMjdhZmYzNiIsInRpbWVPZkF1Y3Rpb24iOjE2NjkyMTk2NjExODksImJpZHMiOlt7ImNwbSI6MC4wMTUsImFkSWQiOiI3NDQ2ZDdjZmI1Y2JjYTEiLCJvcmlnaW5hbENwbSI6MC4wMTUsImJpZGRlciI6InRyaXBsZWxpZnQiLCJyZXZlbnVlIjowLjAwMDAxNDk5OTk5OTk5OTk5OTk5OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODIwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY2OTIxOTY2MjA0Mn1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJ0cmlwbGVsaWZ0IiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NDQ2ZDdjZmI1Y2JjYTEiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDE0OTk5OTk5OTk5OTk5OTk5fV19&c_b=8017.10000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:42 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3912636984449595&correlator=712499877928522&eid=31070233%2C44752586&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&didk=222268587~1405798805~3903847155&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D7446d7cfb5cbca1%26hb_ap_bidder%3Dtriplelift%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D0db53c8c8f248e9f-22aaee2aa1d80056%3AT%3D1669219661%3ART%3D1669219661%3AS%3DALNI_MZQHxrslyMtraSccilg5elhe7M3AA&gpic=UID%3D00000b822098f461%3AT%3D1669219661%3ART%3D1669219661%3AS%3DALNI_MZjzNze2qVlHTI50_f5fZ0lquTYmg&arp=1&abxe=1&dt=1669219662853&lmt=1669219662&dlt=1669219656357&idt=4685&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=692626968.1669219663&ga_sid=1669219663&ga_hid=1499&ga_fc=false&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
93009fce0a4402880d9b38ebb8b4baa8a87b9074d8d6dc94cd5c307511d751af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25579
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1CBC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:42 GMT
expires
Thu, 23 Nov 2023 16:07:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DDF9 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
672844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtMiH%2Bou3r8x00xpNYFzlCE9lEFrC96uQHLMnJk%2BGosBmtj%2Fcs3wcXbmujl8hZiohQ5Ri7mEeNks%2BRnlMQy%2Br51P9C1iQ6QDpZdravGuA%2FDSerhjcOp7Pk%2FqA59z7bLlVIwfdF7j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76eb28cf2974aad1-SYD
expires
Mon, 13 Nov 2023 16:07:43 GMT
5ab904e70ba04f04aab36995c6fce95d_futura+book+font.woff
static.criteo.net/design/dt/ Frame DDF9 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/5ab904e70ba04f04aab36995c6fce95d_futura+book+font.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0b81ebd295c56386af5d622092d29db6ecb12a7f8dc8be80fe54cbbfa3d3216e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 12 Feb 2018 16:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a81bd08-5f2c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 16:07:43 GMT
animejs.js
static.criteo.net/animejs/ Frame DDF9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 16:07:43 GMT
img
pix.as.criteo.net/img/ Frame DDF9 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F38393%2F210902%2F5040eeb44263442baf5e2a4c19e0442e_horizontal.png&v=3&w=668&s=WkXOAvaQoCmLcMM2m3Gv6Scf
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bb9338391e8fd82b612d7b68d8b3957b335090b5d94ef80df781105f1a706e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26482039
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23369
expires
Tue, 26 Sep 2023 04:15:03 GMT
img
pix.as.criteo.net/img/ Frame DDF9 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwce07e0c9%2Fimages%2F114921-Master%2F114921-COLUM-front.jpg&v=3&w=400&s=dEF3mfDxbYkuFYTMGgpH7t2q&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
161fa64782825e8c44e0e1d3980e4e91dcad8cb40a7616dbb2d0cabbfa75b501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=219935
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6464
expires
Sat, 26 Nov 2022 05:13:19 GMT
img
pix.as.criteo.net/img/ Frame DDF9 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwec30e73c%2Fimages%2F120129-Master%2F120129-DOL00-front.jpg&v=3&w=400&s=Q-p6zj9AkCnm72wFTk5_rcTk&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
abfa0d18d9922693e3093215bfb6ff22f09f551c2e07217b53a6f13338bacb1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1760070
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13764
expires
Wed, 14 Dec 2022 01:02:14 GMT
all
csm.as.criteo.net/ Frame DDF9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=pRF7RN14Hi00ljby8zvCTAqv1F0e69dsYgETtBv43-TFy0CklC0O4a3dbI4WvlFaSNz9mMNow4FzQXmFzVBTv2OXR4m0dKU9MQKR-TDTcJ62S6LLxMmDjhEZgtx7fPgmu_o2sa_0rA9f5sDr7xbN4B4hPuKYgPeE74cR07e0J-DRb3ArOaihkFa9auyDDTo5LbJoXTUrRdS7KiPNw00jB8481moFz2-xi_GWmaM8yHva6_wmdzz0b5qbUvHGTbsLlpwd3z3Jnpy9prTT&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 23 Nov 2022 16:07:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DDF9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 16:07:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DDF9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 16:07:43 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame A2D1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A2D1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame F6AF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-26.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1645
content-length
801
content-type
text/html
date
Wed, 23 Nov 2022 15:40:23 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 682a73fb2198f321ef89332a6cb933ee.cloudfront.net (CloudFront)
x-amz-cf-id
eE3MRC3ZEzp1ojTWKRMTKe7wH5tg7V-X99RtA-sp6iMJO9j_564tEA==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:43 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE84 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
28642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 08:10:21 GMT
expires
Thu, 23 Nov 2023 08:10:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 579A 		783 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
096f9cbaffb5b4c28bdca6d2f5444bc65b30a79aa25d434601fd0ed3671f8680
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ggjc8prKMec7_MnBJ10npA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Ggjc8prKMec7_MnBJ10npA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:43 GMT
expires
Wed, 23 Nov 2022 16:07:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 58F9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
28642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 08:10:21 GMT
expires
Thu, 23 Nov 2023 08:10:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 11C0 		783 B
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
d7d13eaeff97b78cd46489332fe32ccb5fcb8db0839d9e602042bb5c47e46f24
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R5l8FjFLBVsz9i0GRNefoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-R5l8FjFLBVsz9i0GRNefoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:43 GMT
expires
Wed, 23 Nov 2022 16:07:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=1499&cid=692626968.1669219663&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669219663&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&dt=%E9%AD%94%E7%8D%B8%E8%87%BA%E7%81%A3%E9%A6%96%E6%88%B0%E7%B2%BE%E5%BD%A9%E5%A5%AA%E5%8B%9D%EF%BC%81%E3%80%80%E5%A8%81%E5%BB%89%E3%80%8C%E5%97%9A%E5%91%BC%E3%80%8D%E8%A2%AB%E7%90%83%E8%BF%B7%E5%AB%8C%E7%88%86%EF%BC%9A%E6%8F%9B%E4%BA%BA%E4%B8%BB%E6%8C%81%E5%A6%82%E4%BD%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A8F3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:44 GMT
expires
Thu, 23 Nov 2023 16:07:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F490 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:44 GMT
expires
Thu, 23 Nov 2023 16:07:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F557 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:44 GMT
expires
Thu, 23 Nov 2023 16:07:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F6AF 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
badbf8e1d8e90266231ae5e4c8e863eaf60949c40dd3ad7482a9d8d476dc1abd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49145
x-xss-protection
0
server
cafe
etag
13717637452657337441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 579A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=917744441302965&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame EE84 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 22:25:59 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 58F9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 22:25:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 11C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2008182510720030&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
all
csm.as.criteo.net/ Frame DDF9 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=pRF7RN14Hi00ljby8zvCTAqv1F0e69dsYgETtBv43-TFy0CklC0O4a3dbI4WvlFaSNz9mMNow4FzQXmFzVBTv2OXR4m0dKU9MQKR-TDTcJ62S6LLxMmDjhEZgtx7fPgmu_o2sa_0rA9f5sDr7xbN4B4hPuKYgPeE74cR07e0J-DRb3ArOaihkFa9auyDDTo5LbJoXTUrRdS7KiPNw00jB8481moFz2-xi_GWmaM8yHva6_wmdzz0b5qbUvHGTbsLlpwd3z3Jnpy9prTT&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y35FTQAIDT8KaO1CAAHNJ7zXYerU1GBo_bAO1A&u=%7Cc70lsBJk3PxXvKhAnyb0LvOsee3gllaIJ5LWFlfKNFQ%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56iRyyVfVlkvn5QjhNHjm83fwXYUNXTXIBMlKk1RXQanHlOcIDho3NMbFso3fAFAB1Kt6ORYEGOB-CVfEXNIHNYNw6P0A7OT7FjEgmHWNZDkThGcQwwj0-KCFnW5_PjG9GEwXY_TxIBOq2Ppz7oUCRNq_bGILg22sqNRvmEqfQMxt_s-86AolvnT4MXKi8MjV-352g-NSRQ05th5tkhKPgyT5wYE7FyHc7dgEx3QmceQN0mN7MFPu-lUbtgl8PStoxxzlDWuETjEs9oyWt_jouc2AXMlalvVdCtCM3neACw6gggIEwIDpVssUep0hQ54NfIp6TTYVv_IOOag7F4XWISau9oR4sgUElEtRij7jAFt1eu-VrGPVoukQWj1sd24cuqNTVxv_EkGKgvgBuDHWVimNSyE80KW82y35C5zFP9PMJb00h7pqmQ0MhHlE6ctRo33R-y5GZ6wQHnWkEMQUV3FTeRwSwoTF8Lqz7TtdiCqTFXGuJ3D0QANITtWoMsW-i_DOr69MZDa0plKAcMlclKrQRjmdEvNSz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGc17TUV-Y7-aIMLaowOnmofgCpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAkAGk33pUKY-qAMBqgSTAk_Qb3FqnQXf23Fk8kWGxwAjK8Q6r75mlkQA80CFFGepCqYXU1ojtHKTzdMy65sMzgzznMeHCtPKKAujoBaVm7DcvmiN5mU7yVq_DKW_rnXGXrXJ__qVPuGkv9Dtph12FIcxksyroLaj_XHJHR53LnztHQ3Kph2i7KdqDy-ZjOo0UtlLOrTSZUfNGJcRpNqE-9Q9BJLiSWCIJak_e5rJ6wqjujpYpk9A00PUCvLYPR_ZevwOBUfcsFH7alXZO70FPA_yB-kKWDdvEZVnmwJ7Qwhf3kjik7VjeL3WRd9UUMNo51KFZF_On6aBv8MqG5efrPME_UdtQ_4HGOTTaZYg0o6WI3eUCNVm_0G0itnyKlJCku8hgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0q-AUWtjD2HZEn7d_eekxonc_XSw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 23 Nov 2022 16:07:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Nov 2022 16:07:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5469 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8UmpztkckXR-_jLlKB4i-tptGDWeZDCQOjTKUqtcP7WBaLhE_0jaLl-YTgUBeS2Gt4oURVAkbvZrEFr3Pg0AKgThK&sig=Cg0ArKJSzN2fvmihCX8MEAE&cid=CAASFeRosjnKsoPDKa_8JC4unkFqIk3kog&id=lidar2&mcvt=1007&p=0,0,280,336&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669219661398&rpt=1817&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 663E 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENn9hYADGL2BgsgBMAE&v=APEucNUsqa6CK5SEy0j1TtXcKkd0vatj3oQpaj0shFpU0M6sS18EqdOiEK3NjJ3UcOFw3DtGvj_pX_uEumICukwolbzX4x7hTQ
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A8F3 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuHUVnA6Vs2QUIUAV1wb53zx3LqCuIQSK2Ye2819wbMoSPZANVgOxjgr6TRKfH_cJdrCQW3qNI8HkfqG_1SNP3uS9-N5wj9byJlENrSIWR1gtCyBOdtF_QBIdk5emkg3lHXEpZBhA-X_h0E6OsdejfJGU-IHz3fchPuY4Nzh4PIYiUwhQ&cry=1&dbm_d=AKAmf-Afp5t4PtZgBGVMhicUSIdEkYX5jYAmXhZEUOZICflLGDSFhpxq6Bt8pmtUwPRWmNPzJtBXJFx0LfKZaD5983HrlKKc_kc7a2n5CYdgo9OpC4NqEXMHz_edFClpIb7eTq5M-4zagkWM4WtDCSTaHxezXpen7ROIm7JuKOHXtFAYCLg9VmSzBYV68zGMuNuR6_ZL4SgDKhT_UV9_nPT1uRpQAJCmneG528Qrq-Oapf8jXMSEqzjco-TThBZhdwGNu-lxMNhInHEsv4iB_igd7H_K-upmWScBrkDSadNKn-D5SDi_O08edjZOl9yE2omWKJ61OvB6hx8cJXA3Rd-uM4j4c4VhyS0fe47ixSiQnlyH6j9oGf7IGd06W4JV88ZoyMQN_ov4RVrhE_1NHbHMxAT17eGFLyP2IUws8KAnH13vrQ06qUnC-g84Fxu3XJeJKc5En0n74PMvZn4hjuhKRBcBMHVt3mp6SZPwpNE1TOQ8LY-7WbdrLon0QIuUHU263CIC1B8CXJ5v5FjREd3HuQ_wApg50nAhhgokHYpDFSFHx1zRl6QRDY0a20rFswj8oEBQwPh-jlPeEFyGCZ9xikrisvf8fXfsOkB4HW_aVn3mzIB8TDZMZ5eylnrCyX-cPJdRrbIUT5yj88Ah_tyBDkEPLcsFQ7F72XBWwXG82wvltzq6yXri1o6SNU-MG9FDJGGReysEWQduSQCZntoUtySn7U9MAYB_Rax7ZSGePZUBDxPWoCtJCuRmeOoRTZHhC6R3f6y5QmclrRTXXcQkErdUhzEWoClH_PGaVwvTVzL1iU74Tbxir4fV6ilLhgc4C3RMsZexd1iF3VUNUwM7uPzT88nHf7ipU-40aVJPXURIijTwFfsGPOwnQqVZPscJZW_sR566XirvZX80Pty0c6wa_d5mVdggi0aMHX62qE_yfGNwMfNV4v4fmq6Wn4drdOvhTaFVI2h91B1tldw4emO4jfQ9t5G6lGab-kLlahniLgsFk9gmGShjlqosiFCRTxFhalee8R0g3yasG1IikWfCv7fusOFsxzoWef1KHYsfd6RuGm67FFLMnkZdhir01oc5R6dls6cesa0mWNKZpXLkfFKBicLIPWECP5UnBYTQ2cLOOLLO9DotBCyg3pf-dQHIaNQbs-oRAKuLhRxeFYxn2gaM6Rb4e1yc9DoYtTvpFDS4zjJ5gEHvW8Hrt8bv_VbppaS5-OLYzhHlXw25JVB-7YXOWtG6xNerkEJb4R2N2B8gLcwmho3h9Y1EQ66GZC5krasolan_XtnQlDrmMQuZBvmACxTunfBhwI4IaQH1iS5Z0SCHqyVx2cLH560yg5UNrSQFC0CXIYVOI6U_CjNfmkFFVAvaTzbiTnISrSNeVrntSOQ_GVpYL8XmFV-PvqoP_uqYxA8Z-d7lsF8Rzaw0BlAk-65AeljFF-kMyNr8VaUgHEPCuVf-xf1L3lTWQf9bQ0K1_3CgjwBXSFNOOxBt0SucA5fkNrvWNVYjupg8oT7U5703yfPoIVtQb5VTaPzfnA9deK2vzCvSJr7zYVr6SIv_eY-axSCW5DAzU7K8yNB3kj-nwl2lyHMO8E_gcwH5Yy7g34Lz3v3F0O1AD-MjTf_ILrircemiObI4dmCvpftEz23eMkiiAlyvn2poStVFkqE6cqVGrgyoOZhUBfdzTZ9iBgdLDe06j1Y8wZEUu5VTzx_Td42eRbL8gz1xHBMUVLkxtzSd9qLIBLnqRIBXiMatjC9OhlRzSbhv6YUAQLEsZWNueVr81tAeT-0CRB4F8hbT5LMNQUiJOha1bmxv0ilfelmDyhhk9x187OXKmuVJ9dcNG7mnj0s0rqiZvjxD7LStPwqFzLQbCQBn_B6C_AIlRc_5Kza4B7_Lz5L3gN2yfd9OfAioaRLCyE3fAAt_KE9CXKYr8Zi8rwdOAMK44ZHPIPcvPdqfcPxWO9YqB3w3bR3GmpcQyOXOw5sdqGOlSc22sJbDgOCVTqMXxuwab9IfahAkLaE-KPHVdUxci31j820CqpoM-3-kUcAwz0Y5O45OPdF_qtrOsq5R7SUUZlZmoGc71ZJCQk-HvmyCNT-SmAy9yZWF-ltioukA5AxzKpQRsvpHp8yK8tUnF0K6wG0jVyU6ffzmYWJYd-aF8CM-y1C-YWLC3RPq4Lj8_of2eyYDrNLMtB_HKrkWA9JAloEJn2bwfAWqDdWhtSesRo8Daxafn7t0bQHUEMtUoxsfs3s3pN7WzAcrgghBE0W16jg1MiGGDNdv0LvT3t1jqfgzJdU3ppjqJ4SQQ3TyBb15E_rO1G4tuhLgdAxrY5iqHWN4eLgZRDoI3a91NrCkA0Qu0jdXkPHybQvTJ4_UuIGSWNxWwHGib0F4vGkN34GRsCBgKcYodYYESvp-7c0EiGTEXL0o1q_ZJrvHBhpbYqFsuXq_LiB4hCJzxPKIRNjKfHSl5KlhfLHQIHqwQmLm4ZXNoFeQGWd62viAbA-MrGVWW6I0KakXRd2BsSmh9x1mnZJ_ew7god1Uo9Q1-bCj8T_FwhH11_PQwrb2iGwlzdiB6BZNA7wEnyMHjnJVCaAXRZzN_8nIDPR1CA86M_y0YhlAwQ1Ha1LpgV3ZXssFF3ccyzU32vQdh9XT3wv25NnlnMWjaUBe0aHTrtZVdINVfaz0FFCdmp_kp7Z0bJ7mkIYowzSkgAALHSXcSojldbWHrAHOcufFanG3_TStIxMWJvYrTbXMJMvH2Ure-RL9gKA8ALps84PrXidybqAdrRwDMAWOMfBARNE0nQ0pPDyBlVhyCrUIknAlzR5WivgYNkSc5G80ATXUrsA_nby8185dOYBIVVzwrAwantA4csyhD-KgaiCxiEWOdsy2j8tX6cWs4sJ3xojNhXpdRbO0R8CsmJmzVYsoizvHTyQkQ5T1QQGIvFECVlz49zFxIqMlRpqeQlbg31UyjUJ-8lL_shNXEeBEw3ZLxDF77N5AGWOi_2TPvMgGUuG1dzdkgsDXlxuC1D-KPVLYCDaPqNPkR7ke4M7mLcdwGur0q1E1qcdseIu1yi2lj2pSDpVNGdJctqjQDJ3ZHSFDje6V0RYlsTFDrJEaO5Wmsc2KqKi0EtG82LEplw8YHn9u0RNemPQDwixMaPUvE4j6_atmBGZ1qdYInUB30vU_LS8zRDaZcTQSN60eVEwAsS3KxgtMJaoM1XCVM_XWOetAq9yRMu5qLBbuKG8bsMobWm_QRrxmhYtP6h9URqaAkQBXqD7lrhTGkUmbIsHw6E6lFCpZCZ63PXKwhwIeVFj_--2f8YwGKEMJUzodFo8CWPEBhk2y3Tyxa8UDLqqf57PP44JZ_ZwAVt_veTJh7oyR7V_huGdasKP78iKzKjQ&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
72e2fba8a9d89ec9357e6c188cf0e8616fa9a5ca7b9d82254f810953b9195dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8F3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYLFh1W2J_xvZ0TCPdYI5dOeqV3AY7475SP5mV7Jn3ff-jJ_O5DfMYJ5TCN1M-_WHxm5RhYZ7yABoI72bXx_Hx0NOGe7I88HkNS98-vYghLKX-PFc
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A8F3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 04:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
43441
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 04:03:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A8F3 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
85592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame A8F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxP_0QTduOQxT4utRvnb6dpOFCmCk_nfgVCrqYe53Z1LdvXpj6CapUNDp4HICvQ15KOjo2mRw2VygCRirgcOUx6S7GbQ
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A8F3 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:44 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F490 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7MycT0V-Y5erAvrg3LUPyJqPwAzp2tPMa8igkM7LEMCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLl2snSeTlhPuACAKgDAaoEuAJP0Mmm00AsVdO41x3RGqLsRrHebzXY2BzYorFDWLUOR1G1LWTLbLvWcq-9s8w2VvMNoLYxmWNCg_iGGtudMGRLbJCPL4fDn_BEu6SEsXPkvmty-8ukM-2-XDygbnSvTuOHNuL8zY5vwY2svDWusVcg7DPBrjvXNq-wFbDTHKrpFOSmn0tSScIg9RgF7j0-P9Xc3P9bdKeJX7ZfsXeUwZvsm_vCI0J7_iTqERfU1YhLMczT9C60Z00JCp9mX4gFHQqOlfCtvF3wm69Dx5C5DzkluHzgQQmZPQzlCTLNZ4A5BoUt0ZyfiEVAwP2ch2ItyCdaC457MRW-cQz_yStB_G3e7SjjJOMMq0Y7Z-iq3nTBAE9fMD4RBen1FWLH1uhUQPvH0_3naQZGdXaSnkcaAHwhoFpot7KznyngBAGABrHSgISr7drplgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=LA8xreKphKk&uach_m=[UACH]&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
winshowimg
theta273.rtb.appier.net/ Frame F490 		42 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://theta273.rtb.appier.net/winshowimg?bidobjid=PnTEaG_dDeOpitr1T0V-Yw&reqid=V3wyZ8ySSIrRXBPuaRagrA&cid=UkhomrwvQieqQwhkieJsig&crid=8HYWuPumSUa87ydykYCOaQ&partner_id=03mSf3HNecb-&bx=Cylxwnu_oPImKqoD7qGs2rwm7Pfm20ZDK4lswmo121l9C1u-uYOPuqa1Jmg9u1x1cHd121uVorw92rd97PM9o4u-uY79uqa1wYZPKY7Bu1x1w8Q121l13Po9wmA1eM&impid=1&ui=CyljUmOjUbisc8M121l0MIirtIiKZ8S03iga3mN2Zrlc30tTt8NTtfG1eM&consent=1&ddhh=oqoW7d&price_encoded=Y35FTwAAlZcAtzB6AAPNSKOMQhMU345U2Hekxw&cachebust=889274737
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.58.165.139 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 16:07:44 GMT
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
w
vst.c.appier.net/ Frame F490 		42 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vst.c.appier.net/w?cid=UkhomrwvQieqQwhkieJsig&crid=8HYWuPumSUa87ydykYCOaQ&bidobjid=PnTEaG_dDeOpitr1T0V-Yw&partner_id=03mSf3HNecb-&tracking_ns=&consent=1&w=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.58.163.32 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 23 Nov 2022 16:07:44 GMT
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
gcm
a.c.appier.net/ Frame F490
Redirect Chain
  • https://a.c.appier.net/gcm?trigger_hosted_sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVEzWVpoZ1VDVFNhOTlMNlVFVi1Zdw%3D%3D&google_redir=https%3A%2F%2Fs.c.appier.net%2Fgcm2%3Ftrigger_hosted_sync%3D1
  • https://s.c.appier.net/gcm2?trigger_hosted_sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=appier_pc&google_hm=TFpvZFNpVVREdnVxdWt3cVVFVi1Zdw%3D%3D
  • https://a.c.appier.net/gcm
42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.c.appier.net/gcm
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
103.3.63.48 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li819-48.members.linode.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 16:07:46 GMT
cache-control
no-store
server
nginx
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.c.appier.net/gcm
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
223
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame F490 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=23716808&cmp=187099&plc=6790256&sid=10482&dvregion=0&unit=728x90
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.59.80.114 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-80-114.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
moatad.js
z.moatads.com/appierdisplay844822012038/ Frame F490 		320 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/appierdisplay844822012038/moatad.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3eeb055d7d06c17cd648bdc6c32520c00d74a04c86007ed40820b0133ee01c4b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 14:51:04 GMT
server
AmazonS3
x-amz-request-id
ZZ2TE6XJ57HAZYH9
etag
"08f19a6c8c3d644400f119a9a41fe2e7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56768
accept-ranges
bytes
content-length
111147
x-amz-id-2
Yt8AXuWEkIUIoGM1AxwD7FbS2yF+gIEd9BL2RErECnh/qZzJvFXxo2kokKCVUN8ocugeUhKbvVQ=
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F490 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 04:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
43442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 04:03:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F490 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
85592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame F490 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLCnqRbeq-6RjtRP1IsitucEKu0BKpFJg1iDJ-wH0RSu4xZg7aKSE3FN49-YKf1ghedTPM3N5TMe9M8KTfiyXdAvcI1g
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F490 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
63773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 22:24:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F490 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 802C 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGInHgtoBMAE&v=APEucNWsQ8EbG-kisnQ_Cl27xoRRgdVBKebMKc7IyMYzqKY463aYhe_PvnuKzOeEpdrh4TVQGs-MaW3IeWi4hTtXjU82DgBQQw
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F557 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F557 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmQaDSApWdQmLtEL_v3MDBF-HivtSICtpR39Qx7X3bsypf96rKQAckhJLjferh0bmXqtP6qX4xR8d7Ihuy47i1x96zngRHuluHOW8A7MrPNp7X_xQ
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F557 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1785422693768280564&x=1&ct=76
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F557 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 04:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
43441
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 04:03:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F557 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
85592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 16:21:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F557 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F557 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=1785422693768280564&x=1&ct=76&dl=0&ds=0
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame F6AF 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
27b6a1a1b9fce1c609e64c20eae9ad7839a2209b110663d4d42368186fc309ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
6341151266107442423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 16:07:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 979D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
21628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 10:07:16 GMT
etag
10353107486223812946
expires
Wed, 07 Dec 2022 10:07:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame EE84 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hj6RSQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 80B3 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
f71b3f73630e6ab7a787dd63b6d80245d7ee28b43254adc6f2859fd4727ac4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12448
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 58F9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XHlXog
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 663E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8ftYU0IS4K0krd2w0qQy0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8ftYU0IS4K0krd2w0qQy0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENn9hYADGL2BgsgBMAE&v=APEucNUsqa6CK5SEy0j1TtXcKkd0vatj3oQpaj0shFpU0M6sS18EqdOiEK3NjJ3UcOFw3DtGvj_pX_uEumICukwolbzX4x7hTQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8ftYU0IS4K0krd2w0qQy0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 663E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y35FTk47-C13IzGVNooSSQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8ftYU0IS4K0krd2w0qQy0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8ftYU0IS4K0krd2w0qQy0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENn9hYADGL2BgsgBMAE&v=APEucNUsqa6CK5SEy0j1TtXcKkd0vatj3oQpaj0shFpU0M6sS18EqdOiEK3NjJ3UcOFw3DtGvj_pX_uEumICukwolbzX4x7hTQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL8ftYU0IS4K0krd2w0qQy0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 663E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHZBFOb6dMPkh3E25xyDgQI&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHZBFOb6dMPkh3E25xyDgQI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENn9hYADGL2BgsgBMAE&v=APEucNUsqa6CK5SEy0j1TtXcKkd0vatj3oQpaj0shFpU0M6sS18EqdOiEK3NjJ3UcOFw3DtGvj_pX_uEumICukwolbzX4x7hTQ
Protocol
HTTP/1.1
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:44 GMT
AN-X-Request-Uuid
92391cf0-1b25-4fef-8980-eedaef5a8c4b
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHZBFOb6dMPkh3E25xyDgQI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 663E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzNDQ2NDkwMTA5NzQ3MzUwMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzNDQ2NDkwMTA5NzQ3MzUwMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENn9hYADGL2BgsgBMAE&v=APEucNUsqa6CK5SEy0j1TtXcKkd0vatj3oQpaj0shFpU0M6sS18EqdOiEK3NjJ3UcOFw3DtGvj_pX_uEumICukwolbzX4x7hTQ
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:44 GMT
AN-X-Request-Uuid
e8b153e3-7898-4d94-9816-cf62d8ca4ece
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzNDQ2NDkwMTA5NzQ3MzUwMg%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A8F3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuHUVnA6Vs2QUIUAV1wb53zx3LqCuIQSK2Ye2819wbMoSPZANVgOxjgr6TRKfH_cJdrCQW3qNI8HkfqG_1SNP3uS9-N5wj9byJlENrSIWR1gtCyBOdtF_QBIdk5emkg3lHXEpZBhA-X_h0E6OsdejfJGU-IHz3fchPuY4Nzh4PIYiUwhQ&cry=1&dbm_d=AKAmf-Afp5t4PtZgBGVMhicUSIdEkYX5jYAmXhZEUOZICflLGDSFhpxq6Bt8pmtUwPRWmNPzJtBXJFx0LfKZaD5983HrlKKc_kc7a2n5CYdgo9OpC4NqEXMHz_edFClpIb7eTq5M-4zagkWM4WtDCSTaHxezXpen7ROIm7JuKOHXtFAYCLg9VmSzBYV68zGMuNuR6_ZL4SgDKhT_UV9_nPT1uRpQAJCmneG528Qrq-Oapf8jXMSEqzjco-TThBZhdwGNu-lxMNhInHEsv4iB_igd7H_K-upmWScBrkDSadNKn-D5SDi_O08edjZOl9yE2omWKJ61OvB6hx8cJXA3Rd-uM4j4c4VhyS0fe47ixSiQnlyH6j9oGf7IGd06W4JV88ZoyMQN_ov4RVrhE_1NHbHMxAT17eGFLyP2IUws8KAnH13vrQ06qUnC-g84Fxu3XJeJKc5En0n74PMvZn4hjuhKRBcBMHVt3mp6SZPwpNE1TOQ8LY-7WbdrLon0QIuUHU263CIC1B8CXJ5v5FjREd3HuQ_wApg50nAhhgokHYpDFSFHx1zRl6QRDY0a20rFswj8oEBQwPh-jlPeEFyGCZ9xikrisvf8fXfsOkB4HW_aVn3mzIB8TDZMZ5eylnrCyX-cPJdRrbIUT5yj88Ah_tyBDkEPLcsFQ7F72XBWwXG82wvltzq6yXri1o6SNU-MG9FDJGGReysEWQduSQCZntoUtySn7U9MAYB_Rax7ZSGePZUBDxPWoCtJCuRmeOoRTZHhC6R3f6y5QmclrRTXXcQkErdUhzEWoClH_PGaVwvTVzL1iU74Tbxir4fV6ilLhgc4C3RMsZexd1iF3VUNUwM7uPzT88nHf7ipU-40aVJPXURIijTwFfsGPOwnQqVZPscJZW_sR566XirvZX80Pty0c6wa_d5mVdggi0aMHX62qE_yfGNwMfNV4v4fmq6Wn4drdOvhTaFVI2h91B1tldw4emO4jfQ9t5G6lGab-kLlahniLgsFk9gmGShjlqosiFCRTxFhalee8R0g3yasG1IikWfCv7fusOFsxzoWef1KHYsfd6RuGm67FFLMnkZdhir01oc5R6dls6cesa0mWNKZpXLkfFKBicLIPWECP5UnBYTQ2cLOOLLO9DotBCyg3pf-dQHIaNQbs-oRAKuLhRxeFYxn2gaM6Rb4e1yc9DoYtTvpFDS4zjJ5gEHvW8Hrt8bv_VbppaS5-OLYzhHlXw25JVB-7YXOWtG6xNerkEJb4R2N2B8gLcwmho3h9Y1EQ66GZC5krasolan_XtnQlDrmMQuZBvmACxTunfBhwI4IaQH1iS5Z0SCHqyVx2cLH560yg5UNrSQFC0CXIYVOI6U_CjNfmkFFVAvaTzbiTnISrSNeVrntSOQ_GVpYL8XmFV-PvqoP_uqYxA8Z-d7lsF8Rzaw0BlAk-65AeljFF-kMyNr8VaUgHEPCuVf-xf1L3lTWQf9bQ0K1_3CgjwBXSFNOOxBt0SucA5fkNrvWNVYjupg8oT7U5703yfPoIVtQb5VTaPzfnA9deK2vzCvSJr7zYVr6SIv_eY-axSCW5DAzU7K8yNB3kj-nwl2lyHMO8E_gcwH5Yy7g34Lz3v3F0O1AD-MjTf_ILrircemiObI4dmCvpftEz23eMkiiAlyvn2poStVFkqE6cqVGrgyoOZhUBfdzTZ9iBgdLDe06j1Y8wZEUu5VTzx_Td42eRbL8gz1xHBMUVLkxtzSd9qLIBLnqRIBXiMatjC9OhlRzSbhv6YUAQLEsZWNueVr81tAeT-0CRB4F8hbT5LMNQUiJOha1bmxv0ilfelmDyhhk9x187OXKmuVJ9dcNG7mnj0s0rqiZvjxD7LStPwqFzLQbCQBn_B6C_AIlRc_5Kza4B7_Lz5L3gN2yfd9OfAioaRLCyE3fAAt_KE9CXKYr8Zi8rwdOAMK44ZHPIPcvPdqfcPxWO9YqB3w3bR3GmpcQyOXOw5sdqGOlSc22sJbDgOCVTqMXxuwab9IfahAkLaE-KPHVdUxci31j820CqpoM-3-kUcAwz0Y5O45OPdF_qtrOsq5R7SUUZlZmoGc71ZJCQk-HvmyCNT-SmAy9yZWF-ltioukA5AxzKpQRsvpHp8yK8tUnF0K6wG0jVyU6ffzmYWJYd-aF8CM-y1C-YWLC3RPq4Lj8_of2eyYDrNLMtB_HKrkWA9JAloEJn2bwfAWqDdWhtSesRo8Daxafn7t0bQHUEMtUoxsfs3s3pN7WzAcrgghBE0W16jg1MiGGDNdv0LvT3t1jqfgzJdU3ppjqJ4SQQ3TyBb15E_rO1G4tuhLgdAxrY5iqHWN4eLgZRDoI3a91NrCkA0Qu0jdXkPHybQvTJ4_UuIGSWNxWwHGib0F4vGkN34GRsCBgKcYodYYESvp-7c0EiGTEXL0o1q_ZJrvHBhpbYqFsuXq_LiB4hCJzxPKIRNjKfHSl5KlhfLHQIHqwQmLm4ZXNoFeQGWd62viAbA-MrGVWW6I0KakXRd2BsSmh9x1mnZJ_ew7god1Uo9Q1-bCj8T_FwhH11_PQwrb2iGwlzdiB6BZNA7wEnyMHjnJVCaAXRZzN_8nIDPR1CA86M_y0YhlAwQ1Ha1LpgV3ZXssFF3ccyzU32vQdh9XT3wv25NnlnMWjaUBe0aHTrtZVdINVfaz0FFCdmp_kp7Z0bJ7mkIYowzSkgAALHSXcSojldbWHrAHOcufFanG3_TStIxMWJvYrTbXMJMvH2Ure-RL9gKA8ALps84PrXidybqAdrRwDMAWOMfBARNE0nQ0pPDyBlVhyCrUIknAlzR5WivgYNkSc5G80ATXUrsA_nby8185dOYBIVVzwrAwantA4csyhD-KgaiCxiEWOdsy2j8tX6cWs4sJ3xojNhXpdRbO0R8CsmJmzVYsoizvHTyQkQ5T1QQGIvFECVlz49zFxIqMlRpqeQlbg31UyjUJ-8lL_shNXEeBEw3ZLxDF77N5AGWOi_2TPvMgGUuG1dzdkgsDXlxuC1D-KPVLYCDaPqNPkR7ke4M7mLcdwGur0q1E1qcdseIu1yi2lj2pSDpVNGdJctqjQDJ3ZHSFDje6V0RYlsTFDrJEaO5Wmsc2KqKi0EtG82LEplw8YHn9u0RNemPQDwixMaPUvE4j6_atmBGZ1qdYInUB30vU_LS8zRDaZcTQSN60eVEwAsS3KxgtMJaoM1XCVM_XWOetAq9yRMu5qLBbuKG8bsMobWm_QRrxmhYtP6h9URqaAkQBXqD7lrhTGkUmbIsHw6E6lFCpZCZ63PXKwhwIeVFj_--2f8YwGKEMJUzodFo8CWPEBhk2y3Tyxa8UDLqqf57PP44JZ_ZwAVt_veTJh7oyR7V_huGdasKP78iKzKjQ&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
frm
www.adtrek.co/adserver/ Frame EAA9 		26 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.31.162 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-31-162.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3c95bc2a7b63f18977061325767bd80a5c38916ba78c6e82d9d07f7cd8b4cf36

Request headers

Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
26253
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Nov 2022 16:07:40 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3860 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
50464
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:06:40 GMT
etag
48472445140208031
expires
Thu, 24 Nov 2022 02:06:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A8F3 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73bc85b8500dcf8734217d3fda40303372a72a9eeeebaffa608a68aa261f74ec

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 802C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4uFbUUDFd7ZRXCN65vhX0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4uFbUUDFd7ZRXCN65vhX0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGInHgtoBMAE&v=APEucNWsQ8EbG-kisnQ_Cl27xoRRgdVBKebMKc7IyMYzqKY463aYhe_PvnuKzOeEpdrh4TVQGs-MaW3IeWi4hTtXjU82DgBQQw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4uFbUUDFd7ZRXCN65vhX0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 802C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTM3YTUyMDItZTViNS0yZDFkLWM4YzItYmQzZjBiNTcwZTk2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTM3YTUyMDItZTViNS0yZDFkLWM4YzItYmQzZjBiNTcwZTk2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGInHgtoBMAE&v=APEucNWsQ8EbG-kisnQ_Cl27xoRRgdVBKebMKc7IyMYzqKY463aYhe_PvnuKzOeEpdrh4TVQGs-MaW3IeWi4hTtXjU82DgBQQw
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTM3YTUyMDItZTViNS0yZDFkLWM4YzItYmQzZjBiNTcwZTk2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 802C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDzNdcS26kYQ27JQVgi6AlM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDzNdcS26kYQ27JQVgi6AlM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGInHgtoBMAE&v=APEucNWsQ8EbG-kisnQ_Cl27xoRRgdVBKebMKc7IyMYzqKY463aYhe_PvnuKzOeEpdrh4TVQGs-MaW3IeWi4hTtXjU82DgBQQw
Protocol
H2
Server
23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-160-138.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 23 Nov 2022 16:07:45 GMT
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEDzNdcS26kYQ27JQVgi6AlM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 802C
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjY4MTM3MzMtMzM0MS00ZmRlLTlmNzgtOWU3MDA0YWEyN2Zk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjY4MTM3MzMtMzM0MS00ZmRlLTlmNzgtOWU3MDA0YWEyN2Zk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGInHgtoBMAE&v=APEucNWsQ8EbG-kisnQ_Cl27xoRRgdVBKebMKc7IyMYzqKY463aYhe_PvnuKzOeEpdrh4TVQGs-MaW3IeWi4hTtXjU82DgBQQw
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjY4MTM3MzMtMzM0MS00ZmRlLTlmNzgtOWU3MDA0YWEyN2Zk
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Wed, 23 Nov 2022 16:07:45 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Nov 2022 16:07:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F557 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1295197101147&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F557 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1295197101147&version=m202209210101&ct=76&x=1&cor=1785422693768280600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F557 		67 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxNEHct6i8BNVv-qQTTrm_sB6SdN0lCSPE02Le6SEL2rUy3DO7yXHs6dqMME9vNzhUjZCBi1VUP7EhVEJarKRNNXECqQ&cry=1&dbm_d=AKAmf-Ae4QuECiIDMcL1yvK-OI9DzvGdE8pf5eH8MTkBHaoRfawbr1uy7cdAkJNFh0GtgZCD1hl4uFDoTzSKTuQUG7gk7AOgt4pxL8LqfHTin1kHRk5mLdEHB91gP_gmNmIgUPtSxHdNKXvybyOlauoo4DHpkBs8sGPF_GosKR06ejffu21B-8b4VvPfzHZnetpSK8F-ly8ZVDBN8ef6xbt1nGRm1pB2pz7czORijihC1aDJ7byKSBfit4DHePzPJWo16mje4e0mhHX-lB1qaKKU-llrU1q0f1A3xtlssRuzuVPRFZ64rEgu8ru1tXlcUkz5XWd7IL2gPksobIhJGTJdSyxonY6-q_bdZgvEmiTe68Su7CEWWKpbuMvf-OBKTuMX_bLOp9hioaV4v7j0Gy-xzNZrn7hRjo9mnh2cdnvfiaDd9wuBvMRK2mFJAFX6iZa1mshSoToumJNqX6SpYNF3hkjFRjwBmeQXucHDPRopntXeOuF3wefO0ENALJrNtf2v2DQLVi1F1zLB1vNOMg7Ghp6IFcBHO2ZwBDwVd2GaXzMaawm-HbIUVWFjV_0Y7wXPuQCBq3IMWAo6crgYMbmtw8o5k2UXw7sTuk7AYHlmBQrpAQxmPlwo1LVNJjIxiykr1lFp857B2LKlNChFWV3A8xxhRGtl_5KlBXZuBsIwG-W4OxshShnBCQxNHI9riuuGvi0hltbjHDL3nX9nFSDux-3vCkzNzCyfHLb2k38wOj2WX7LkJiy5XhlU69ZPdkDBS5Hmekpsjoi9JNS_m2s09HVxUgIaSoJvxqkrYLPTTmL9NqwUEwhuaFgVT5F3ByvhGODH5O6sw3P5foQqsGOJi0W3XC3AzdLrPabicJwmaZKyv2gwlSl2CE6arNx9m24BpKBDG_IdUg2c06BHXBq6qV5OJIBJLOsALLai7-wRiDSpCkKHEnXHeR3RYyv8z4mxCcsihph4__QwIOzLrS5rUvuvUUFkU_Qlm5TIO02bFiGwxpQv4NP3F574Emz7vEhLvPFgS0BbTsvlc2ZfsMw07LJ5V3mo98dkPDcmMtZUACQkBEEwvKggSABS74X7CGhkWo6y8esdqh6L2yE7lJ5iEGww0t_h14Q1UwVywgj-r6mv0xqf08nDY9Jun8Jy4BuJO1S4V0J7UWYPsUNFoWCUHHOHjxvhyp799nebdHS7OVv58E7r_jsmeIfX7VDkTXrgHHArupKj__J3oY7TeM4kQvQTsFnneXDcYA1EJ-wbhuUSfM5Fzft6xc815h9wpTR3fsNbMgY1vI8GxPm4WgznM-UMwUDlXyc5Ohz1a-hYmPbRYs3cT3ub9C_UJEbMG_4NkerbK989_XB4waAJ1Y2UwFhyg1B5b3fT2sgL__gyrG4YUHYluKMnHRO-jUZmiww9B5FzoX9PClmY783ARphztpbcW8-7WKIe0KdOYf_1lkLMJ_HfQ8QJoAU9qMCkhOFZZDTNg2djwGHbGjHwxvlQk0qD0u5U_E9fl2Zvz-1r954xevIzFW4F8OLj83W5mIwhDcNCzFiQeDuTwI6YAh2lfogNeWbkFpll0TD7_u5FUs9nOq-QUbBdKqE9-TyBrfeDP6E8gNpUD4Ybk6hbinx0ncxo3AA9IJLgPR6UfUAz1HE9oTRMzqnOE3Q_QiiGqxQpEPS4kn9ZJNN96SOdHEcjKlEBjgDX_z-Hs081XHQxjO06gnlwh12L1NTuM-xhT8tT8rmX3KwnpJ-WDpSoJHndOMuKXFU0XSbuDWFlDgnUjlMfIYEmznirgBAB9qUVFzX5UTttnVTCerVc62jj8ns3pCM34fi5bg-37Y5Ej-vQ77RRwXOyL_3O4JbEjYS3k82telvy9A5_DyT9rm9cXxUA5WY6x7EMaTp_mE4AZpmNVPh-MfnDNVdMOxLlErYjHlXjF-tZG1oXns3_x844OCmTmzJmeJdP_rPWye-UAX0e3YavFdDSozQzn4GVEiNnBBUDJg2Nt6bTuXa_W01g8mwk5aiiqSUa8aW8I7tByt_ap-pDUtERIrlt_WiITmQaYrxTGfe9UDdH2pJ_HXBrB5_QcnvRk2LuY672FEJrEgpolIjl4cDTfmQSbdXW2XnW1t-jJHNdK66O5TD3Vr9QZ3bSOqpWGNxhgv9TpJMwCxYOQSXG2TCS2RfrzUVB8JNwLleaBdYYh6P5fj9jwqT8rxQYoGLKUFU5e2RDWPWNTVMVpX_QwaNR7rGw39xEJ48DpSh-u_hhitLTOcWdr2gIKctyoIuLT28GKpORIpNzkF7jJm7XZuDl03KiBXa0rGE1lvFdcWMdodGQf6-K89m9inKaK1FqbeektR8BbmeDHbp-EojULfskzcJXCBz0ubVVbEYQDOdHV6RcaMyqxYh77lO8kQ0FXYKQLsgGlGEOxz_SCOHKaPLU4aYD00HoJpZzodSbxzOw433UzRcpLEN6yw6ppawYEb7nJxw5sRv3-Kn6oY0ne6chNitFR_mE27OMNgokZHj1ssDk2xjE1aJ9mfNH8grHoPlrq_Oq-Ms-flq3tIn6QFonCR2XqcTLQltjyeGZNgkS6LkmvmstlRMnqHVNPv3UBCVyzAiv-JuqfRVi37pxtbvZeYqq2J1mzhacydlIVijECtWomT1kzjydfslj-exCwwgqw2rdfJw3RTUlhuU5hoVz9ysQSjKwBXnIvefETWZKuD70l-m003w2Z8xjlOrW9CN5Tdj0vCN3kdVTLFkshLE87SmkmDa6RYhzk2Z4HpZpzKOdiMtqNGHc6DkB_8yEwSA7d702cwTxTG4P_JT2C70A4LFWGV_9jvAyIx-p1MUqmnB3kAYiF07R3RLq5qN_E84HPi-2LDe2KPJ32IhCpKdK3cbfjBAGQeuSfhIKlQqykv4TsRkiAkoDwgYCJ8q9tV1fqyagN12YJXkmiXkiJG3atYUwYw3r2V7KDvsPG4Rsle-XjiK7QqcrArVnjPyLeiMkWE5k_JbteMdXwHYB1EF9oNyKLINNxDaxgRlR-78lgX8xKzUpSsAfVdXQkjwbJC-E53gGMV10ziRx-j0ywl94hnBZEa0jFcrdN3HVYLWcKOHcNDCtUwaLBLKyJU4-uYLjP8_B_ciQCKuKRfHOirHscDKPPYiZOGlTrh4zM4GCE5slTwhpzwrNSfykLH7OD7Q9yrl6qVCDyK98rP_HGrUpEumICcdzH1hI4SyHBzUX-jPYCcBmW_IKYJAnuHpkuoFWoU8Io2oaAgBm_PrYJV6cwA4IyJvQ4PXj7W_pP4MtFYwBHvQQ4Zw6gz2y91QJHDrZKwpz9b6S7LFjaixUju5ETog&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=1785422693768280600&adk=2857193498&idt=321&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
335b51bc853df121a2c86d836bed693a99fa68ac56e041b8fb232d5e22610119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32997
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 80B3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:44 GMT
pixel
cm.g.doubleclick.net/ Frame 3860
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC_SgTKR2z95cii21SIMQRk&google_cver=1&google_push=ASkJ3FY0TqhUXhCrZY43Lj8RHRwp8nsV-Pb33H6u_9MwWOgNY6vpHWlzRiA8A068qJbtkf8S_ZllpzPOzviBrXIi...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FY0TqhUXhCrZY43Lj8RHRwp8nsV-Pb33H6u_9MwWOgNY6vpHWlzRiA8A068qJbtkf8S_ZllpzPOzviBrXIiGDwIv5L-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FY0TqhUXhCrZY43Lj8RHRwp8nsV-Pb33H6u_9MwWOgNY6vpHWlzRiA8A068qJbtkf8S_ZllpzPOzviBrXIiGDwIv5L-S5Sj
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 23 Nov 2022 16:07:44 GMT
Server
MT3 169 32252b7 master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FY0TqhUXhCrZY43Lj8RHRwp8nsV-Pb33H6u_9MwWOgNY6vpHWlzRiA8A068qJbtkf8S_ZllpzPOzviBrXIiGDwIv5L-S5Sj
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:43 GMT
pixel
cm.g.doubleclick.net/ Frame 3860
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBEjZwhiZB0xwWi3wM1krfU&google_cver=1&google_push=ASkJ3Fb-bP4PWT0tF0qs4LX6DHKrxV3u8gFb_OEFJfLtSTEE6ZMwm0XhEHz3HHoE_uhuZmJqaMWzRUBu4Rq-9YtHyoQq...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBEjZwhiZB0xwWi3wM1krfU&google_cver=1&google_push=ASkJ3Fb-bP4PWT0tF0qs4LX6DHKrxV3u8gFb_OEFJfLtSTEE6ZMwm0XhEHz3HHoE_uhuZmJqaMWzRUBu4Rq-9Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fb-bP4PWT0tF0qs4LX6DHKrxV3u8gFb_OEFJfLtSTEE6ZMwm0XhEHz3HHoE_uhuZmJqaMWzRUBu4Rq-9YtHyoQqHJdspIJgJQ&google_hm=Hm3KJpDgQryRWey4jGH9fw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fb-bP4PWT0tF0qs4LX6DHKrxV3u8gFb_OEFJfLtSTEE6ZMwm0XhEHz3HHoE_uhuZmJqaMWzRUBu4Rq-9YtHyoQqHJdspIJgJQ&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fb-bP4PWT0tF0qs4LX6DHKrxV3u8gFb_OEFJfLtSTEE6ZMwm0XhEHz3HHoE_uhuZmJqaMWzRUBu4Rq-9YtHyoQqHJdspIJgJQ&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Date
Wed, 23 Nov 2022 16:07:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3860
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFAjVOzx3Rs9q0HUc35azPo&google_cver=1&google_push=ASkJ3FaIsb_eWuyd40RKyxXvgFCN7nDz16buQq00D9AQ2jniSy5zKaI_3mlT9_tz83HGZ3T6URqNCxUUuqBBh1qyPvWb89V...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaIsb_eWuyd40RKyxXvgFCN7nDz16buQq00D9AQ2jniSy5zKaI_3mlT9_tz83HGZ3T6URqNCxUUuqBBh1qyPvWb89V_QuDv&google_hm=NDE5ODM1MjU3MDQ0MzI1OD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaIsb_eWuyd40RKyxXvgFCN7nDz16buQq00D9AQ2jniSy5zKaI_3mlT9_tz83HGZ3T6URqNCxUUuqBBh1qyPvWb89V_QuDv&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 23 Nov 2022 16:07:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaIsb_eWuyd40RKyxXvgFCN7nDz16buQq00D9AQ2jniSy5zKaI_3mlT9_tz83HGZ3T6URqNCxUUuqBBh1qyPvWb89V_QuDv&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3860
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJXsKg_tKCChVNlt0aSBfbU&google_cver=1&google_push=ASkJ3FaujkS_xqE_cprBUa6yOEdObhE6wr25-VpnV2BCDGDCulrmKfqqG0E92GZxPopa8ZLvatUaL6ickbEEpus...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=MVeffG7UQNdmFZzFtiK0b3RaSso&google_push=ASkJ3FaujkS_xqE_cprBUa6yOEdObhE6wr25-VpnV2BCDGDCulrmKfqqG0E92GZxPopa8ZLvatUaL6ickbEEpu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=MVeffG7UQNdmFZzFtiK0b3RaSso&google_push=ASkJ3FaujkS_xqE_cprBUa6yOEdObhE6wr25-VpnV2BCDGDCulrmKfqqG0E92GZxPopa8ZLvatUaL6ickbEEpusfsVwnpqkSY6w-DQ
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=MVeffG7UQNdmFZzFtiK0b3RaSso&google_push=ASkJ3FaujkS_xqE_cprBUa6yOEdObhE6wr25-VpnV2BCDGDCulrmKfqqG0E92GZxPopa8ZLvatUaL6ickbEEpusfsVwnpqkSY6w-DQ
Date
Wed, 23 Nov 2022 16:07:46 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
spacer.gif
an.yandex.ru/resource/ Frame 3860
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?ext-param=ASkJ3FZW-7QYTlswRHASdlCEMPduxR6s0f8Zl0XzjCOEn1UwMYQvkLJC1joABkyQR1th5qRIWkX6Y3ZfWJkHiIGkis4z22NpGMtPjXY&partner-tag=yandex_a...
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?redir-setuniq=1&ext-param=ASkJ3FZW-7QYTlswRHASdlCEMPduxR6s0f8Zl0XzjCOEn1UwMYQvkLJC1joABkyQR1th5qRIWkX6Y3ZfWJkHiIGkis4z22NpGMtPjXY&part...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBiOY_AHTQimo70c1KZRDWI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 08 Nov 2023 16:07:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3860 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kci6gxYZOZej5V4gOL-zZEv3A24EQ-GujeBlOJyRk3-XbZPxdAJWQE7lVX
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.co.nz/adsid/ Frame F6AF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F6AF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AA5D 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219664423&bpp=4&bdt=547&idt=511&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=352142277560&frm=8&ife=1&pv=2&ga_vid=2074365493.1669219665&ga_sid=1669219665&ga_hid=1071668765&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C44779077&oid=2&pvsid=2806712281034857&tmod=1676131394&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.2rwxx68zp7h5&fsb=1&dtd=528
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F7B8 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219664427&bpp=2&bdt=550&idt=537&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=352142277560&frm=8&ife=1&pv=1&ga_vid=2074365493.1669219665&ga_sid=1669219665&ga_hid=1071668765&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C44779077&oid=2&pvsid=2806712281034857&tmod=1676131394&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.jd1vnc4iiai6&fsb=1&dtd=543
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0A96 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
59258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame F490 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=23716808&cmp=187099&plc=6790256&sid=10482&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.59.80.114 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-80-114.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:45 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64D9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
28644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 08:10:21 GMT
expires
Thu, 23 Nov 2023 08:10:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A5F6 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
896b2d643404735df60e895765ee2036910e12f6a5aacb36957378a573abb45d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FjUHCXCqlPhflLxVcdWpiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-FjUHCXCqlPhflLxVcdWpiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:45 GMT
expires
Wed, 23 Nov 2022 16:07:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame F557 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxNEHct6i8BNVv-qQTTrm_sB6SdN0lCSPE02Le6SEL2rUy3DO7yXHs6dqMME9vNzhUjZCBi1VUP7EhVEJarKRNNXECqQ&cry=1&dbm_d=AKAmf-Ae4QuECiIDMcL1yvK-OI9DzvGdE8pf5eH8MTkBHaoRfawbr1uy7cdAkJNFh0GtgZCD1hl4uFDoTzSKTuQUG7gk7AOgt4pxL8LqfHTin1kHRk5mLdEHB91gP_gmNmIgUPtSxHdNKXvybyOlauoo4DHpkBs8sGPF_GosKR06ejffu21B-8b4VvPfzHZnetpSK8F-ly8ZVDBN8ef6xbt1nGRm1pB2pz7czORijihC1aDJ7byKSBfit4DHePzPJWo16mje4e0mhHX-lB1qaKKU-llrU1q0f1A3xtlssRuzuVPRFZ64rEgu8ru1tXlcUkz5XWd7IL2gPksobIhJGTJdSyxonY6-q_bdZgvEmiTe68Su7CEWWKpbuMvf-OBKTuMX_bLOp9hioaV4v7j0Gy-xzNZrn7hRjo9mnh2cdnvfiaDd9wuBvMRK2mFJAFX6iZa1mshSoToumJNqX6SpYNF3hkjFRjwBmeQXucHDPRopntXeOuF3wefO0ENALJrNtf2v2DQLVi1F1zLB1vNOMg7Ghp6IFcBHO2ZwBDwVd2GaXzMaawm-HbIUVWFjV_0Y7wXPuQCBq3IMWAo6crgYMbmtw8o5k2UXw7sTuk7AYHlmBQrpAQxmPlwo1LVNJjIxiykr1lFp857B2LKlNChFWV3A8xxhRGtl_5KlBXZuBsIwG-W4OxshShnBCQxNHI9riuuGvi0hltbjHDL3nX9nFSDux-3vCkzNzCyfHLb2k38wOj2WX7LkJiy5XhlU69ZPdkDBS5Hmekpsjoi9JNS_m2s09HVxUgIaSoJvxqkrYLPTTmL9NqwUEwhuaFgVT5F3ByvhGODH5O6sw3P5foQqsGOJi0W3XC3AzdLrPabicJwmaZKyv2gwlSl2CE6arNx9m24BpKBDG_IdUg2c06BHXBq6qV5OJIBJLOsALLai7-wRiDSpCkKHEnXHeR3RYyv8z4mxCcsihph4__QwIOzLrS5rUvuvUUFkU_Qlm5TIO02bFiGwxpQv4NP3F574Emz7vEhLvPFgS0BbTsvlc2ZfsMw07LJ5V3mo98dkPDcmMtZUACQkBEEwvKggSABS74X7CGhkWo6y8esdqh6L2yE7lJ5iEGww0t_h14Q1UwVywgj-r6mv0xqf08nDY9Jun8Jy4BuJO1S4V0J7UWYPsUNFoWCUHHOHjxvhyp799nebdHS7OVv58E7r_jsmeIfX7VDkTXrgHHArupKj__J3oY7TeM4kQvQTsFnneXDcYA1EJ-wbhuUSfM5Fzft6xc815h9wpTR3fsNbMgY1vI8GxPm4WgznM-UMwUDlXyc5Ohz1a-hYmPbRYs3cT3ub9C_UJEbMG_4NkerbK989_XB4waAJ1Y2UwFhyg1B5b3fT2sgL__gyrG4YUHYluKMnHRO-jUZmiww9B5FzoX9PClmY783ARphztpbcW8-7WKIe0KdOYf_1lkLMJ_HfQ8QJoAU9qMCkhOFZZDTNg2djwGHbGjHwxvlQk0qD0u5U_E9fl2Zvz-1r954xevIzFW4F8OLj83W5mIwhDcNCzFiQeDuTwI6YAh2lfogNeWbkFpll0TD7_u5FUs9nOq-QUbBdKqE9-TyBrfeDP6E8gNpUD4Ybk6hbinx0ncxo3AA9IJLgPR6UfUAz1HE9oTRMzqnOE3Q_QiiGqxQpEPS4kn9ZJNN96SOdHEcjKlEBjgDX_z-Hs081XHQxjO06gnlwh12L1NTuM-xhT8tT8rmX3KwnpJ-WDpSoJHndOMuKXFU0XSbuDWFlDgnUjlMfIYEmznirgBAB9qUVFzX5UTttnVTCerVc62jj8ns3pCM34fi5bg-37Y5Ej-vQ77RRwXOyL_3O4JbEjYS3k82telvy9A5_DyT9rm9cXxUA5WY6x7EMaTp_mE4AZpmNVPh-MfnDNVdMOxLlErYjHlXjF-tZG1oXns3_x844OCmTmzJmeJdP_rPWye-UAX0e3YavFdDSozQzn4GVEiNnBBUDJg2Nt6bTuXa_W01g8mwk5aiiqSUa8aW8I7tByt_ap-pDUtERIrlt_WiITmQaYrxTGfe9UDdH2pJ_HXBrB5_QcnvRk2LuY672FEJrEgpolIjl4cDTfmQSbdXW2XnW1t-jJHNdK66O5TD3Vr9QZ3bSOqpWGNxhgv9TpJMwCxYOQSXG2TCS2RfrzUVB8JNwLleaBdYYh6P5fj9jwqT8rxQYoGLKUFU5e2RDWPWNTVMVpX_QwaNR7rGw39xEJ48DpSh-u_hhitLTOcWdr2gIKctyoIuLT28GKpORIpNzkF7jJm7XZuDl03KiBXa0rGE1lvFdcWMdodGQf6-K89m9inKaK1FqbeektR8BbmeDHbp-EojULfskzcJXCBz0ubVVbEYQDOdHV6RcaMyqxYh77lO8kQ0FXYKQLsgGlGEOxz_SCOHKaPLU4aYD00HoJpZzodSbxzOw433UzRcpLEN6yw6ppawYEb7nJxw5sRv3-Kn6oY0ne6chNitFR_mE27OMNgokZHj1ssDk2xjE1aJ9mfNH8grHoPlrq_Oq-Ms-flq3tIn6QFonCR2XqcTLQltjyeGZNgkS6LkmvmstlRMnqHVNPv3UBCVyzAiv-JuqfRVi37pxtbvZeYqq2J1mzhacydlIVijECtWomT1kzjydfslj-exCwwgqw2rdfJw3RTUlhuU5hoVz9ysQSjKwBXnIvefETWZKuD70l-m003w2Z8xjlOrW9CN5Tdj0vCN3kdVTLFkshLE87SmkmDa6RYhzk2Z4HpZpzKOdiMtqNGHc6DkB_8yEwSA7d702cwTxTG4P_JT2C70A4LFWGV_9jvAyIx-p1MUqmnB3kAYiF07R3RLq5qN_E84HPi-2LDe2KPJ32IhCpKdK3cbfjBAGQeuSfhIKlQqykv4TsRkiAkoDwgYCJ8q9tV1fqyagN12YJXkmiXkiJG3atYUwYw3r2V7KDvsPG4Rsle-XjiK7QqcrArVnjPyLeiMkWE5k_JbteMdXwHYB1EF9oNyKLINNxDaxgRlR-78lgX8xKzUpSsAfVdXQkjwbJC-E53gGMV10ziRx-j0ywl94hnBZEa0jFcrdN3HVYLWcKOHcNDCtUwaLBLKyJU4-uYLjP8_B_ciQCKuKRfHOirHscDKPPYiZOGlTrh4zM4GCE5slTwhpzwrNSfykLH7OD7Q9yrl6qVCDyK98rP_HGrUpEumICcdzH1hI4SyHBzUX-jPYCcBmW_IKYJAnuHpkuoFWoU8Io2oaAgBm_PrYJV6cwA4IyJvQ4PXj7W_pP4MtFYwBHvQQ4Zw6gz2y91QJHDrZKwpz9b6S7LFjaixUju5ETog&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=1785422693768280600&adk=2857193498&idt=321&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Dec 2022 16:02:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame F557 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxNEHct6i8BNVv-qQTTrm_sB6SdN0lCSPE02Le6SEL2rUy3DO7yXHs6dqMME9vNzhUjZCBi1VUP7EhVEJarKRNNXECqQ&cry=1&dbm_d=AKAmf-Ae4QuECiIDMcL1yvK-OI9DzvGdE8pf5eH8MTkBHaoRfawbr1uy7cdAkJNFh0GtgZCD1hl4uFDoTzSKTuQUG7gk7AOgt4pxL8LqfHTin1kHRk5mLdEHB91gP_gmNmIgUPtSxHdNKXvybyOlauoo4DHpkBs8sGPF_GosKR06ejffu21B-8b4VvPfzHZnetpSK8F-ly8ZVDBN8ef6xbt1nGRm1pB2pz7czORijihC1aDJ7byKSBfit4DHePzPJWo16mje4e0mhHX-lB1qaKKU-llrU1q0f1A3xtlssRuzuVPRFZ64rEgu8ru1tXlcUkz5XWd7IL2gPksobIhJGTJdSyxonY6-q_bdZgvEmiTe68Su7CEWWKpbuMvf-OBKTuMX_bLOp9hioaV4v7j0Gy-xzNZrn7hRjo9mnh2cdnvfiaDd9wuBvMRK2mFJAFX6iZa1mshSoToumJNqX6SpYNF3hkjFRjwBmeQXucHDPRopntXeOuF3wefO0ENALJrNtf2v2DQLVi1F1zLB1vNOMg7Ghp6IFcBHO2ZwBDwVd2GaXzMaawm-HbIUVWFjV_0Y7wXPuQCBq3IMWAo6crgYMbmtw8o5k2UXw7sTuk7AYHlmBQrpAQxmPlwo1LVNJjIxiykr1lFp857B2LKlNChFWV3A8xxhRGtl_5KlBXZuBsIwG-W4OxshShnBCQxNHI9riuuGvi0hltbjHDL3nX9nFSDux-3vCkzNzCyfHLb2k38wOj2WX7LkJiy5XhlU69ZPdkDBS5Hmekpsjoi9JNS_m2s09HVxUgIaSoJvxqkrYLPTTmL9NqwUEwhuaFgVT5F3ByvhGODH5O6sw3P5foQqsGOJi0W3XC3AzdLrPabicJwmaZKyv2gwlSl2CE6arNx9m24BpKBDG_IdUg2c06BHXBq6qV5OJIBJLOsALLai7-wRiDSpCkKHEnXHeR3RYyv8z4mxCcsihph4__QwIOzLrS5rUvuvUUFkU_Qlm5TIO02bFiGwxpQv4NP3F574Emz7vEhLvPFgS0BbTsvlc2ZfsMw07LJ5V3mo98dkPDcmMtZUACQkBEEwvKggSABS74X7CGhkWo6y8esdqh6L2yE7lJ5iEGww0t_h14Q1UwVywgj-r6mv0xqf08nDY9Jun8Jy4BuJO1S4V0J7UWYPsUNFoWCUHHOHjxvhyp799nebdHS7OVv58E7r_jsmeIfX7VDkTXrgHHArupKj__J3oY7TeM4kQvQTsFnneXDcYA1EJ-wbhuUSfM5Fzft6xc815h9wpTR3fsNbMgY1vI8GxPm4WgznM-UMwUDlXyc5Ohz1a-hYmPbRYs3cT3ub9C_UJEbMG_4NkerbK989_XB4waAJ1Y2UwFhyg1B5b3fT2sgL__gyrG4YUHYluKMnHRO-jUZmiww9B5FzoX9PClmY783ARphztpbcW8-7WKIe0KdOYf_1lkLMJ_HfQ8QJoAU9qMCkhOFZZDTNg2djwGHbGjHwxvlQk0qD0u5U_E9fl2Zvz-1r954xevIzFW4F8OLj83W5mIwhDcNCzFiQeDuTwI6YAh2lfogNeWbkFpll0TD7_u5FUs9nOq-QUbBdKqE9-TyBrfeDP6E8gNpUD4Ybk6hbinx0ncxo3AA9IJLgPR6UfUAz1HE9oTRMzqnOE3Q_QiiGqxQpEPS4kn9ZJNN96SOdHEcjKlEBjgDX_z-Hs081XHQxjO06gnlwh12L1NTuM-xhT8tT8rmX3KwnpJ-WDpSoJHndOMuKXFU0XSbuDWFlDgnUjlMfIYEmznirgBAB9qUVFzX5UTttnVTCerVc62jj8ns3pCM34fi5bg-37Y5Ej-vQ77RRwXOyL_3O4JbEjYS3k82telvy9A5_DyT9rm9cXxUA5WY6x7EMaTp_mE4AZpmNVPh-MfnDNVdMOxLlErYjHlXjF-tZG1oXns3_x844OCmTmzJmeJdP_rPWye-UAX0e3YavFdDSozQzn4GVEiNnBBUDJg2Nt6bTuXa_W01g8mwk5aiiqSUa8aW8I7tByt_ap-pDUtERIrlt_WiITmQaYrxTGfe9UDdH2pJ_HXBrB5_QcnvRk2LuY672FEJrEgpolIjl4cDTfmQSbdXW2XnW1t-jJHNdK66O5TD3Vr9QZ3bSOqpWGNxhgv9TpJMwCxYOQSXG2TCS2RfrzUVB8JNwLleaBdYYh6P5fj9jwqT8rxQYoGLKUFU5e2RDWPWNTVMVpX_QwaNR7rGw39xEJ48DpSh-u_hhitLTOcWdr2gIKctyoIuLT28GKpORIpNzkF7jJm7XZuDl03KiBXa0rGE1lvFdcWMdodGQf6-K89m9inKaK1FqbeektR8BbmeDHbp-EojULfskzcJXCBz0ubVVbEYQDOdHV6RcaMyqxYh77lO8kQ0FXYKQLsgGlGEOxz_SCOHKaPLU4aYD00HoJpZzodSbxzOw433UzRcpLEN6yw6ppawYEb7nJxw5sRv3-Kn6oY0ne6chNitFR_mE27OMNgokZHj1ssDk2xjE1aJ9mfNH8grHoPlrq_Oq-Ms-flq3tIn6QFonCR2XqcTLQltjyeGZNgkS6LkmvmstlRMnqHVNPv3UBCVyzAiv-JuqfRVi37pxtbvZeYqq2J1mzhacydlIVijECtWomT1kzjydfslj-exCwwgqw2rdfJw3RTUlhuU5hoVz9ysQSjKwBXnIvefETWZKuD70l-m003w2Z8xjlOrW9CN5Tdj0vCN3kdVTLFkshLE87SmkmDa6RYhzk2Z4HpZpzKOdiMtqNGHc6DkB_8yEwSA7d702cwTxTG4P_JT2C70A4LFWGV_9jvAyIx-p1MUqmnB3kAYiF07R3RLq5qN_E84HPi-2LDe2KPJ32IhCpKdK3cbfjBAGQeuSfhIKlQqykv4TsRkiAkoDwgYCJ8q9tV1fqyagN12YJXkmiXkiJG3atYUwYw3r2V7KDvsPG4Rsle-XjiK7QqcrArVnjPyLeiMkWE5k_JbteMdXwHYB1EF9oNyKLINNxDaxgRlR-78lgX8xKzUpSsAfVdXQkjwbJC-E53gGMV10ziRx-j0ywl94hnBZEa0jFcrdN3HVYLWcKOHcNDCtUwaLBLKyJU4-uYLjP8_B_ciQCKuKRfHOirHscDKPPYiZOGlTrh4zM4GCE5slTwhpzwrNSfykLH7OD7Q9yrl6qVCDyK98rP_HGrUpEumICcdzH1hI4SyHBzUX-jPYCcBmW_IKYJAnuHpkuoFWoU8Io2oaAgBm_PrYJV6cwA4IyJvQ4PXj7W_pP4MtFYwBHvQQ4Zw6gz2y91QJHDrZKwpz9b6S7LFjaixUju5ETog&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=1785422693768280600&adk=2857193498&idt=321&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
85800
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 16:17:45 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F557 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuhx6H44G70RwJgjmn4xWRdmGo76v2x06e5rce_wT0inHYCwrzGqYSKtjx_NwBNKzfTz7Q5DV8w3aDfejo9F5Leo0jbvcJ0RI5wD7DUbux6X-N4uQ4Iy4TS79VSe3bmSyEfzmLWDP0yHOkpMNyH15LsRG1c349WoXjOqROoCAjpREi4HOPC1PtlZoj_6k1P4IKJ7AJz7KpTWT0ilPGqgHfc4oQV_7HQYsEDFr6OJRFQMVagUFTMpsikCpIpWnCBBvpUWKKQdGIltzgYzzq09qZ1wYwmTk2BfBHiKla6tucXiKz7_NKXxnDIJETG8v-0qgJ5uVHTj2R6MkK8V-juJLsgvlDim9RqfQDD6GwFyPE0_Fl-8as0W87ruwko2pxqKi0T-BKKpTwjJILKcGZYvyFMpI-CeI3cJnTbVlr9beNu-HVBPc7VSj0ukPiFr5131vTu8iIH438Hbh21acptjIsXkJI5-MDeyltKTRVRGbltDi_Mqd-jqnDRthEI10dNVVGUhWWrHykR8ruamCDYFjZzldZ7MfUazQtsrJkPtgMqOwA2YOk7qUda04cy5hIo0sBMTeDDJQHHtyqkau3gYGOOhrjs14uXbHYAnc7bu5q3I8qyCFbEA4NVG86pkbguIvcrGIk002da9gI8BnEZSQER3JGjIyI0X3VKNZXWD0eq38AxUa-N-YP9xGeGp13uT7tdChrFkOp4fjfz6T26uHhlyxYrrQK-j_Vggs_yKf0Jq-V1S1K_F359V8c5st1zn63VQu3xXY15gh9gu8VuoU4-LvtbXVtAtkNN7cSVzE2P93gDjpAF9DZ04BXoD8i1Dq7bDRkODIUpFKBS_cLWmcR7qngYVpyXu9YyJP05SzntZJ1Vc5zJnW2m_2GOmOThPNJ3LhYMH1i4vnXp-HmEyPEiVQ5GVM94iEatGBTW39dh7dUGBQIXkxSLKLju_E40KlG1hLexYL3v-R_CEWqQxEbFnW9jJ2Nc6GEDzaL2QmMaoIPgfgG_IEoC0CnbELVH_jMZZaeyRTgMILXCM3AEb19LdjyQ46CwqVDXi8Y_rrVhdyyTmLHcxNUH3hSm5PVCNJXyO9hiuxGtSJwSyrHMuq3xPm03y4iKab038BiTd6GqqpN0jgvrPLCxPe65lzNNZO8eeVPdC9tM4ZXuWCQqVxaT9Dnuxyx96qF1Z7S0H0-j2XNKyK9FDYdm-L8YrPQwtEMapTdE0hVCFBn_UNcYDv8U-5l&sai=AMfl-YTWmYKUfZAaFCM3VAYy-FfvznlC-u_OAFn4kBja8wWFMCxPLzVXwDV9kbRQinocu5ISIhvinSbNb5tlNRc44Ubm2lfQrGOnYVkFk1eve84-QHkBwrwHO15ewAUORsqqGoY8X0qALIb0Jhj0dw5uGcpR4r8Op0uKcsjRez5p1m3U8x6T28aDyWdt6pGfS8N6tGZC_cOmATFfI6sG85XIokQW1uSbzUaxu-tGR0Ba0MuM53D6DoyaC1T9dzJEw1S_GBZFDRFK87c&sig=Cg0ArKJSzPspTYVxO2D3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221110.92146&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxNEHct6i8BNVv-qQTTrm_sB6SdN0lCSPE02Le6SEL2rUy3DO7yXHs6dqMME9vNzhUjZCBi1VUP7EhVEJarKRNNXECqQ&cry=1&dbm_d=AKAmf-Ae4QuECiIDMcL1yvK-OI9DzvGdE8pf5eH8MTkBHaoRfawbr1uy7cdAkJNFh0GtgZCD1hl4uFDoTzSKTuQUG7gk7AOgt4pxL8LqfHTin1kHRk5mLdEHB91gP_gmNmIgUPtSxHdNKXvybyOlauoo4DHpkBs8sGPF_GosKR06ejffu21B-8b4VvPfzHZnetpSK8F-ly8ZVDBN8ef6xbt1nGRm1pB2pz7czORijihC1aDJ7byKSBfit4DHePzPJWo16mje4e0mhHX-lB1qaKKU-llrU1q0f1A3xtlssRuzuVPRFZ64rEgu8ru1tXlcUkz5XWd7IL2gPksobIhJGTJdSyxonY6-q_bdZgvEmiTe68Su7CEWWKpbuMvf-OBKTuMX_bLOp9hioaV4v7j0Gy-xzNZrn7hRjo9mnh2cdnvfiaDd9wuBvMRK2mFJAFX6iZa1mshSoToumJNqX6SpYNF3hkjFRjwBmeQXucHDPRopntXeOuF3wefO0ENALJrNtf2v2DQLVi1F1zLB1vNOMg7Ghp6IFcBHO2ZwBDwVd2GaXzMaawm-HbIUVWFjV_0Y7wXPuQCBq3IMWAo6crgYMbmtw8o5k2UXw7sTuk7AYHlmBQrpAQxmPlwo1LVNJjIxiykr1lFp857B2LKlNChFWV3A8xxhRGtl_5KlBXZuBsIwG-W4OxshShnBCQxNHI9riuuGvi0hltbjHDL3nX9nFSDux-3vCkzNzCyfHLb2k38wOj2WX7LkJiy5XhlU69ZPdkDBS5Hmekpsjoi9JNS_m2s09HVxUgIaSoJvxqkrYLPTTmL9NqwUEwhuaFgVT5F3ByvhGODH5O6sw3P5foQqsGOJi0W3XC3AzdLrPabicJwmaZKyv2gwlSl2CE6arNx9m24BpKBDG_IdUg2c06BHXBq6qV5OJIBJLOsALLai7-wRiDSpCkKHEnXHeR3RYyv8z4mxCcsihph4__QwIOzLrS5rUvuvUUFkU_Qlm5TIO02bFiGwxpQv4NP3F574Emz7vEhLvPFgS0BbTsvlc2ZfsMw07LJ5V3mo98dkPDcmMtZUACQkBEEwvKggSABS74X7CGhkWo6y8esdqh6L2yE7lJ5iEGww0t_h14Q1UwVywgj-r6mv0xqf08nDY9Jun8Jy4BuJO1S4V0J7UWYPsUNFoWCUHHOHjxvhyp799nebdHS7OVv58E7r_jsmeIfX7VDkTXrgHHArupKj__J3oY7TeM4kQvQTsFnneXDcYA1EJ-wbhuUSfM5Fzft6xc815h9wpTR3fsNbMgY1vI8GxPm4WgznM-UMwUDlXyc5Ohz1a-hYmPbRYs3cT3ub9C_UJEbMG_4NkerbK989_XB4waAJ1Y2UwFhyg1B5b3fT2sgL__gyrG4YUHYluKMnHRO-jUZmiww9B5FzoX9PClmY783ARphztpbcW8-7WKIe0KdOYf_1lkLMJ_HfQ8QJoAU9qMCkhOFZZDTNg2djwGHbGjHwxvlQk0qD0u5U_E9fl2Zvz-1r954xevIzFW4F8OLj83W5mIwhDcNCzFiQeDuTwI6YAh2lfogNeWbkFpll0TD7_u5FUs9nOq-QUbBdKqE9-TyBrfeDP6E8gNpUD4Ybk6hbinx0ncxo3AA9IJLgPR6UfUAz1HE9oTRMzqnOE3Q_QiiGqxQpEPS4kn9ZJNN96SOdHEcjKlEBjgDX_z-Hs081XHQxjO06gnlwh12L1NTuM-xhT8tT8rmX3KwnpJ-WDpSoJHndOMuKXFU0XSbuDWFlDgnUjlMfIYEmznirgBAB9qUVFzX5UTttnVTCerVc62jj8ns3pCM34fi5bg-37Y5Ej-vQ77RRwXOyL_3O4JbEjYS3k82telvy9A5_DyT9rm9cXxUA5WY6x7EMaTp_mE4AZpmNVPh-MfnDNVdMOxLlErYjHlXjF-tZG1oXns3_x844OCmTmzJmeJdP_rPWye-UAX0e3YavFdDSozQzn4GVEiNnBBUDJg2Nt6bTuXa_W01g8mwk5aiiqSUa8aW8I7tByt_ap-pDUtERIrlt_WiITmQaYrxTGfe9UDdH2pJ_HXBrB5_QcnvRk2LuY672FEJrEgpolIjl4cDTfmQSbdXW2XnW1t-jJHNdK66O5TD3Vr9QZ3bSOqpWGNxhgv9TpJMwCxYOQSXG2TCS2RfrzUVB8JNwLleaBdYYh6P5fj9jwqT8rxQYoGLKUFU5e2RDWPWNTVMVpX_QwaNR7rGw39xEJ48DpSh-u_hhitLTOcWdr2gIKctyoIuLT28GKpORIpNzkF7jJm7XZuDl03KiBXa0rGE1lvFdcWMdodGQf6-K89m9inKaK1FqbeektR8BbmeDHbp-EojULfskzcJXCBz0ubVVbEYQDOdHV6RcaMyqxYh77lO8kQ0FXYKQLsgGlGEOxz_SCOHKaPLU4aYD00HoJpZzodSbxzOw433UzRcpLEN6yw6ppawYEb7nJxw5sRv3-Kn6oY0ne6chNitFR_mE27OMNgokZHj1ssDk2xjE1aJ9mfNH8grHoPlrq_Oq-Ms-flq3tIn6QFonCR2XqcTLQltjyeGZNgkS6LkmvmstlRMnqHVNPv3UBCVyzAiv-JuqfRVi37pxtbvZeYqq2J1mzhacydlIVijECtWomT1kzjydfslj-exCwwgqw2rdfJw3RTUlhuU5hoVz9ysQSjKwBXnIvefETWZKuD70l-m003w2Z8xjlOrW9CN5Tdj0vCN3kdVTLFkshLE87SmkmDa6RYhzk2Z4HpZpzKOdiMtqNGHc6DkB_8yEwSA7d702cwTxTG4P_JT2C70A4LFWGV_9jvAyIx-p1MUqmnB3kAYiF07R3RLq5qN_E84HPi-2LDe2KPJ32IhCpKdK3cbfjBAGQeuSfhIKlQqykv4TsRkiAkoDwgYCJ8q9tV1fqyagN12YJXkmiXkiJG3atYUwYw3r2V7KDvsPG4Rsle-XjiK7QqcrArVnjPyLeiMkWE5k_JbteMdXwHYB1EF9oNyKLINNxDaxgRlR-78lgX8xKzUpSsAfVdXQkjwbJC-E53gGMV10ziRx-j0ywl94hnBZEa0jFcrdN3HVYLWcKOHcNDCtUwaLBLKyJU4-uYLjP8_B_ciQCKuKRfHOirHscDKPPYiZOGlTrh4zM4GCE5slTwhpzwrNSfykLH7OD7Q9yrl6qVCDyK98rP_HGrUpEumICcdzH1hI4SyHBzUX-jPYCcBmW_IKYJAnuHpkuoFWoU8Io2oaAgBm_PrYJV6cwA4IyJvQ4PXj7W_pP4MtFYwBHvQQ4Zw6gz2y91QJHDrZKwpz9b6S7LFjaixUju5ETog&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=1785422693768280600&adk=2857193498&idt=321&cac=0&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 23 Nov 2022 16:07:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 16:07:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F557 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxNEHct6i8BNVv-qQTTrm_sB6SdN0lCSPE02Le6SEL2rUy3DO7yXHs6dqMME9vNzhUjZCBi1VUP7EhVEJarKRNNXECqQ&cry=1&dbm_d=AKAmf-Ae4QuECiIDMcL1yvK-OI9DzvGdE8pf5eH8MTkBHaoRfawbr1uy7cdAkJNFh0GtgZCD1hl4uFDoTzSKTuQUG7gk7AOgt4pxL8LqfHTin1kHRk5mLdEHB91gP_gmNmIgUPtSxHdNKXvybyOlauoo4DHpkBs8sGPF_GosKR06ejffu21B-8b4VvPfzHZnetpSK8F-ly8ZVDBN8ef6xbt1nGRm1pB2pz7czORijihC1aDJ7byKSBfit4DHePzPJWo16mje4e0mhHX-lB1qaKKU-llrU1q0f1A3xtlssRuzuVPRFZ64rEgu8ru1tXlcUkz5XWd7IL2gPksobIhJGTJdSyxonY6-q_bdZgvEmiTe68Su7CEWWKpbuMvf-OBKTuMX_bLOp9hioaV4v7j0Gy-xzNZrn7hRjo9mnh2cdnvfiaDd9wuBvMRK2mFJAFX6iZa1mshSoToumJNqX6SpYNF3hkjFRjwBmeQXucHDPRopntXeOuF3wefO0ENALJrNtf2v2DQLVi1F1zLB1vNOMg7Ghp6IFcBHO2ZwBDwVd2GaXzMaawm-HbIUVWFjV_0Y7wXPuQCBq3IMWAo6crgYMbmtw8o5k2UXw7sTuk7AYHlmBQrpAQxmPlwo1LVNJjIxiykr1lFp857B2LKlNChFWV3A8xxhRGtl_5KlBXZuBsIwG-W4OxshShnBCQxNHI9riuuGvi0hltbjHDL3nX9nFSDux-3vCkzNzCyfHLb2k38wOj2WX7LkJiy5XhlU69ZPdkDBS5Hmekpsjoi9JNS_m2s09HVxUgIaSoJvxqkrYLPTTmL9NqwUEwhuaFgVT5F3ByvhGODH5O6sw3P5foQqsGOJi0W3XC3AzdLrPabicJwmaZKyv2gwlSl2CE6arNx9m24BpKBDG_IdUg2c06BHXBq6qV5OJIBJLOsALLai7-wRiDSpCkKHEnXHeR3RYyv8z4mxCcsihph4__QwIOzLrS5rUvuvUUFkU_Qlm5TIO02bFiGwxpQv4NP3F574Emz7vEhLvPFgS0BbTsvlc2ZfsMw07LJ5V3mo98dkPDcmMtZUACQkBEEwvKggSABS74X7CGhkWo6y8esdqh6L2yE7lJ5iEGww0t_h14Q1UwVywgj-r6mv0xqf08nDY9Jun8Jy4BuJO1S4V0J7UWYPsUNFoWCUHHOHjxvhyp799nebdHS7OVv58E7r_jsmeIfX7VDkTXrgHHArupKj__J3oY7TeM4kQvQTsFnneXDcYA1EJ-wbhuUSfM5Fzft6xc815h9wpTR3fsNbMgY1vI8GxPm4WgznM-UMwUDlXyc5Ohz1a-hYmPbRYs3cT3ub9C_UJEbMG_4NkerbK989_XB4waAJ1Y2UwFhyg1B5b3fT2sgL__gyrG4YUHYluKMnHRO-jUZmiww9B5FzoX9PClmY783ARphztpbcW8-7WKIe0KdOYf_1lkLMJ_HfQ8QJoAU9qMCkhOFZZDTNg2djwGHbGjHwxvlQk0qD0u5U_E9fl2Zvz-1r954xevIzFW4F8OLj83W5mIwhDcNCzFiQeDuTwI6YAh2lfogNeWbkFpll0TD7_u5FUs9nOq-QUbBdKqE9-TyBrfeDP6E8gNpUD4Ybk6hbinx0ncxo3AA9IJLgPR6UfUAz1HE9oTRMzqnOE3Q_QiiGqxQpEPS4kn9ZJNN96SOdHEcjKlEBjgDX_z-Hs081XHQxjO06gnlwh12L1NTuM-xhT8tT8rmX3KwnpJ-WDpSoJHndOMuKXFU0XSbuDWFlDgnUjlMfIYEmznirgBAB9qUVFzX5UTttnVTCerVc62jj8ns3pCM34fi5bg-37Y5Ej-vQ77RRwXOyL_3O4JbEjYS3k82telvy9A5_DyT9rm9cXxUA5WY6x7EMaTp_mE4AZpmNVPh-MfnDNVdMOxLlErYjHlXjF-tZG1oXns3_x844OCmTmzJmeJdP_rPWye-UAX0e3YavFdDSozQzn4GVEiNnBBUDJg2Nt6bTuXa_W01g8mwk5aiiqSUa8aW8I7tByt_ap-pDUtERIrlt_WiITmQaYrxTGfe9UDdH2pJ_HXBrB5_QcnvRk2LuY672FEJrEgpolIjl4cDTfmQSbdXW2XnW1t-jJHNdK66O5TD3Vr9QZ3bSOqpWGNxhgv9TpJMwCxYOQSXG2TCS2RfrzUVB8JNwLleaBdYYh6P5fj9jwqT8rxQYoGLKUFU5e2RDWPWNTVMVpX_QwaNR7rGw39xEJ48DpSh-u_hhitLTOcWdr2gIKctyoIuLT28GKpORIpNzkF7jJm7XZuDl03KiBXa0rGE1lvFdcWMdodGQf6-K89m9inKaK1FqbeektR8BbmeDHbp-EojULfskzcJXCBz0ubVVbEYQDOdHV6RcaMyqxYh77lO8kQ0FXYKQLsgGlGEOxz_SCOHKaPLU4aYD00HoJpZzodSbxzOw433UzRcpLEN6yw6ppawYEb7nJxw5sRv3-Kn6oY0ne6chNitFR_mE27OMNgokZHj1ssDk2xjE1aJ9mfNH8grHoPlrq_Oq-Ms-flq3tIn6QFonCR2XqcTLQltjyeGZNgkS6LkmvmstlRMnqHVNPv3UBCVyzAiv-JuqfRVi37pxtbvZeYqq2J1mzhacydlIVijECtWomT1kzjydfslj-exCwwgqw2rdfJw3RTUlhuU5hoVz9ysQSjKwBXnIvefETWZKuD70l-m003w2Z8xjlOrW9CN5Tdj0vCN3kdVTLFkshLE87SmkmDa6RYhzk2Z4HpZpzKOdiMtqNGHc6DkB_8yEwSA7d702cwTxTG4P_JT2C70A4LFWGV_9jvAyIx-p1MUqmnB3kAYiF07R3RLq5qN_E84HPi-2LDe2KPJ32IhCpKdK3cbfjBAGQeuSfhIKlQqykv4TsRkiAkoDwgYCJ8q9tV1fqyagN12YJXkmiXkiJG3atYUwYw3r2V7KDvsPG4Rsle-XjiK7QqcrArVnjPyLeiMkWE5k_JbteMdXwHYB1EF9oNyKLINNxDaxgRlR-78lgX8xKzUpSsAfVdXQkjwbJC-E53gGMV10ziRx-j0ywl94hnBZEa0jFcrdN3HVYLWcKOHcNDCtUwaLBLKyJU4-uYLjP8_B_ciQCKuKRfHOirHscDKPPYiZOGlTrh4zM4GCE5slTwhpzwrNSfykLH7OD7Q9yrl6qVCDyK98rP_HGrUpEumICcdzH1hI4SyHBzUX-jPYCcBmW_IKYJAnuHpkuoFWoU8Io2oaAgBm_PrYJV6cwA4IyJvQ4PXj7W_pP4MtFYwBHvQQ4Zw6gz2y91QJHDrZKwpz9b6S7LFjaixUju5ETog&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=1785422693768280600&adk=2857193498&idt=321&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
8909551713456980515
s0.2mdn.net/simgad/ Frame F557 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8909551713456980515
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
1add881ba8cc7b1b203c72e606681d0b94266179b93df4e70b28504104fb4059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76300
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 10:03:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 16:07:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F6AF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
b06a4deb1e945140e055bb5f0109655f9523997a0b696072321fcce95239ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12549
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A2D1 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ee9d5ca9ca3a53adeda1083f6024afeff9e394b08e7f23dc87cebf800c4b2075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12437
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B400 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
8ad58a7a61bbce23509a955f388e2842df800ad0f9b883c6535f1350a3630a7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12355
x-xss-protection
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 0A96 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 22:25:59 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame EAA9 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 16:19:31 GMT
dyn-hype-multiitem.js
www.adtrek.co/Scripts/Inserts/ Frame EAA9 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/Scripts/Inserts/dyn-hype-multiitem.js?v=1-4
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.31.162 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-31-162.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f824af6240aaa57ba4104f1969365afa9b6904544545284db4a7469e6a94768a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 14:29:24 GMT
Server
Microsoft-IIS/8.5
ETag
"0fa1131435ad81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2968
pol.jpg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		13 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/pol.jpg
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c6404a6445360d772e0e5b5f502a4b6f07dbee331c5132d95affd837d3b832ba

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
N0X11F0SQ25ZM57Y
ETag
"a9fd50a836ea2cd2d6c0d6bce07d76b2"
x-amz-meta-info
polite loading image
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
10157
x-amz-id-2
w2ENQrc91osDjlZ493XjBWeI+w8WZIOxG0GZRk9K4iZ5173P9QJ/u8ug5jpT/vgEXFHOG84GrVI=
verify.js
rtb0.doubleverify.com/ Frame F490 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_602292916274&jsTagObjCallback=__tagObject_callback_602292916274&num=6&ctx=23716808&cmp=187099&plc=6790256&sid=10482&advid=&adsrv=&unit=728x90&isdvvid=&uid=602292916274&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=89&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau%60dcdgc_5ghf373742ebbe2f_f2g2efh5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.10&callbackName=__verify_callback_602292916274
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
a9f1baccbdd97e46a75d9845001f747cec4592b915764bfda5f1dfb9ba901182

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:46 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/22/2022 16:07:46
sodar
pagead2.googlesyndication.com/pagead/ Frame A5F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1728215929861189&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 64D9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 22:25:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7E0E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
50465
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:06:40 GMT
etag
48472445140208031
expires
Thu, 24 Nov 2022 02:06:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F557 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04fc9cc6a839dbd130cf3f3a8e99dd03aa638509bdae3ef445d4d0cdf06d9ca7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A2D1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B400 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F6AF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:07:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A96 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCUsbUEV-Y6THFsKEowOe347gAwAAAAA4AeAEAg&bg=!8POl87fNAAbvMpMzzzI7ACkAdvg8Wq4vKZ_RMBD6u4c8svmvzam6HYkeSzqzl4SIsutRFR4lN4dQnAIAAABhUgAAAANoAQeZAuQ9-xzN_vPo0DU8b9vIjgFKXb8KOqKhtgBMpNY6iM5LVrk5v-IWzkt3nsv_O_ZpPe7kN3hTRbh-0NHI0sBib7BzEtu1KeL9pTTi3YsGyJWUXr2I50QAB8stdGKKtSjXcuqgAe9C4CuZeFggfwwtJ7qu-qHEV81jF3LHqhFk0Rg7-HBoeI_fDpAl2G2cTQoNKLOIwjg_eNvjauaPeJr9qA1vKxHB36ePrxmuHiDtSjYs-h-Mq-1p-ed6GHhINknoiNZwEQIOZ-wb0-Mwld4u9BBeSOJ67neldKQoib7ZAPh78h5My84vFFajwC_f3MOfCBroC7lKom3e2xFsTTnfErgFVvH2xLaMJD1GONIdAkf6S_d_YiJN5j-5Dh4-xFARWWLBIUyIK8NCDrbsPh0_kiZbLLkbeqesp81a-K5rRkhq-3fGM8WFf1eXTzLTU0xB4I84585Qv60GDMRuvRm0kT5HEvAHCm_4pXRtWKWJAHZnY8ytdaJeJGk16UGajvNsyOxac2DeIAk0zLa7F6oe-Qfht-Yb3zjY2ezhsNt98pRW26AgP7H_dAdt_1a8eQle5_R8D72J4_e_iRPBJkVpDIgzgcgdOcqRZjNYxdr0Z3_CFdefpXDLWKdB-VPZUu8RKE7OvgnHX0GOhCWrdtt4WbiX4g9XVXvaN2ea1HLkfypEwVByj24DrCuPYYQuGGW6tyshLut1GUCkcdaUGYAI75RqT19WrvWgSgtf5cZJ4WFs1MIYLXMRhXFIdquiMEa9SivHYl56CpJDuF_qeHStG89-GJnTVrtDAaxnzMH-NqiiDUa6tr4IXio4NtZYwSWTejU1boxsykzz3KIEWCf5y3vVD7GfiJPqHh-pw0o8LqirTDEEWP2gYHfYny4eI5U_dRBjxbm4ThGr1oR65pC3gYtEM0oDbZDCGlC7vL-0lLU7MFD2tIZ5MneXPFu4kiAQyGVVBRfsehboHiPn16EhpUnXQvBWMQ
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 64D9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c-ozkg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7E0E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC_SgTKR2z95cii21SIMQRk&google_cver=1&google_push=ASkJ3FajjjL40yzIsAAVtXaVo8WofodyIikzh4j-uH5nwXt1gZyAilikhnrOwZlYTp0pI2NCjUBd1J-rrr8-u0Ye...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FajjjL40yzIsAAVtXaVo8WofodyIikzh4j-uH5nwXt1gZyAilikhnrOwZlYTp0pI2NCjUBd1J-rrr8-u0YeYhCrk-Xy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FajjjL40yzIsAAVtXaVo8WofodyIikzh4j-uH5nwXt1gZyAilikhnrOwZlYTp0pI2NCjUBd1J-rrr8-u0YeYhCrk-XyHaPwqtYelaBmY2kFKVkiV6Z9s2lylBB8XjBxKL85vx8RI-M_sgzQWMyBZeg
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 23 Nov 2022 16:07:45 GMT
Server
MT3 169 32252b7 master nrt-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FajjjL40yzIsAAVtXaVo8WofodyIikzh4j-uH5nwXt1gZyAilikhnrOwZlYTp0pI2NCjUBd1J-rrr8-u0YeYhCrk-XyHaPwqtYelaBmY2kFKVkiV6Z9s2lylBB8XjBxKL85vx8RI-M_sgzQWMyBZeg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:44 GMT
pixel
cm.g.doubleclick.net/ Frame 7E0E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBEjZwhiZB0xwWi3wM1krfU&google_cver=1&google_push=ASkJ3FZBoB6dyX1kMrlDCsd_c0Vavh56FHFqhuHLBEPqn2L1dSh68NJ5vTR4vNBZHMsOmGrKL5S22-hTJnfrbPWG1Xw8...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZBoB6dyX1kMrlDCsd_c0Vavh56FHFqhuHLBEPqn2L1dSh68NJ5vTR4vNBZHMsOmGrKL5S22-hTJnfrbPWG1Xw80cTa5WndXZfqFydLZwhVjzIZb5IWOTL0chD6uBX0JK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZBoB6dyX1kMrlDCsd_c0Vavh56FHFqhuHLBEPqn2L1dSh68NJ5vTR4vNBZHMsOmGrKL5S22-hTJnfrbPWG1Xw80cTa5WndXZfqFydLZwhVjzIZb5IWOTL0chD6uBX0JKFTc2dtvU8R3KyvUV4Hlzs&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZBoB6dyX1kMrlDCsd_c0Vavh56FHFqhuHLBEPqn2L1dSh68NJ5vTR4vNBZHMsOmGrKL5S22-hTJnfrbPWG1Xw80cTa5WndXZfqFydLZwhVjzIZb5IWOTL0chD6uBX0JKFTc2dtvU8R3KyvUV4Hlzs&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Date
Wed, 23 Nov 2022 16:07:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7E0E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFAjVOzx3Rs9q0HUc35azPo&google_cver=1&google_push=ASkJ3FYZOQKuaTt-H1dJpE5qb3pyegNl9tyzN7HsBweJIV1aJ6pnfJFyTuXr_7kzpMAWFcnsBBdIWZNBho32l1eC3QXhVoQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYZOQKuaTt-H1dJpE5qb3pyegNl9tyzN7HsBweJIV1aJ6pnfJFyTuXr_7kzpMAWFcnsBBdIWZNBho32l1eC3QXhVoQp17yUjMslfFzIBqnUZUWeLIZ8s_tGT1sm5nFVl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYZOQKuaTt-H1dJpE5qb3pyegNl9tyzN7HsBweJIV1aJ6pnfJFyTuXr_7kzpMAWFcnsBBdIWZNBho32l1eC3QXhVoQp17yUjMslfFzIBqnUZUWeLIZ8s_tGT1sm5nFVlSgLonRPdUizl5asAtItcA&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 23 Nov 2022 16:07:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYZOQKuaTt-H1dJpE5qb3pyegNl9tyzN7HsBweJIV1aJ6pnfJFyTuXr_7kzpMAWFcnsBBdIWZNBho32l1eC3QXhVoQp17yUjMslfFzIBqnUZUWeLIZ8s_tGT1sm5nFVlSgLonRPdUizl5asAtItcA&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7E0E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJXsKg_tKCChVNlt0aSBfbU&google_cver=1&google_push=ASkJ3FaRlgZmEmkSuS_7XTcSsET7yi9izEqwBK2PIV5tm-LjHUX849VaLBfu47v1FYZSkctce3F2HD48yP8Ma3d...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HUGpivJgRIZW38GiohQPJnRaSso&google_push=ASkJ3FaRlgZmEmkSuS_7XTcSsET7yi9izEqwBK2PIV5tm-LjHUX849VaLBfu47v1FYZSkctce3F2HD48yP8Ma3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HUGpivJgRIZW38GiohQPJnRaSso&google_push=ASkJ3FaRlgZmEmkSuS_7XTcSsET7yi9izEqwBK2PIV5tm-LjHUX849VaLBfu47v1FYZSkctce3F2HD48yP8Ma3dRACDH-XnGtEjCzT-QZeq9OzYCg-w0pwa4bdphEbU5yV4BW3joKJcKgjGiRtrtCoJX1Q
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HUGpivJgRIZW38GiohQPJnRaSso&google_push=ASkJ3FaRlgZmEmkSuS_7XTcSsET7yi9izEqwBK2PIV5tm-LjHUX849VaLBfu47v1FYZSkctce3F2HD48yP8Ma3dRACDH-XnGtEjCzT-QZeq9OzYCg-w0pwa4bdphEbU5yV4BW3joKJcKgjGiRtrtCoJX1Q
Date
Wed, 23 Nov 2022 16:07:46 GMT
Connection
keep-alive
Content-Length
296
Content-Type
text/html; charset=utf-8
spacer.gif
an.yandex.ru/resource/ Frame 7E0E
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?ext-param=ASkJ3Fasscvnv6S_HRiEb15gLGCvZ9dHZIKa1qgHGpBq-VFD9Np0wd-gOm-1KzdOEtyZknp-X0hTJo-3jfbrBHwe2bjuqGcE8KyTmPZkhDtvcp5S2wr9-SJsJrzY...
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?redir-setuniq=1&ext-param=ASkJ3Fasscvnv6S_HRiEb15gLGCvZ9dHZIKa1qgHGpBq-VFD9Np0wd-gOm-1KzdOEtyZknp-X0hTJo-3jfbrBHwe2bjuqGcE8KyTmPZkhDtv...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBiOY_AHTQimo70c1KZRDWI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 08 Nov 2023 16:07:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7E0E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3hxrYuLncgMlclB0aJpQf2pYEtAJfEFNjI9TJC2tY0Hv9BSZQli5Hp1fF
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1F9C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
59258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 23 Nov 2022 16:07:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
233708
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		327 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0ead90bd51f97d8a06059dfd97789dedc2a493edd82f675704a2ba644ab04fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1408731
expires
0
rid
match.adsrvr.org/track/ 		109 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
4dc95bddd321cc88b89f15623fa69003cb430dd873c9f2392f016ee10746c6e2

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 23 Nov 2022 16:07:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 23 Dec 2022 16:07:46 GMT
sync
eb2.3lift.com/ Frame D8A4
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
cb09f1e2d0cefe2cee9703d1c90e0e0024e127fc39f62e7703e1b82667cc3e61

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1143
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:46 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 23 Nov 2022 16:07:46 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.html
public.servenobid.com/ Frame 617D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-26.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
85099
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 16:29:28 GMT
etag
W/"02a59c9399d935f64b331e61178d2c9f"
last-modified
Mon, 14 Nov 2022 16:28:27 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 57f18a988739f5feaf34dc974846ac6c.cloudfront.net (CloudFront)
x-amz-cf-id
DqYMJnZT39UK9ucc3BvEgjeFrRKrV7Bj7RE_H6G55CR5CNlt68NuRA==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:9114884f-60db-4078-afb1-cde242f68696
x-amz-meta-codebuild-content-md5
3d437d58b8bd54e8a0e378e97cd0e39f
x-amz-meta-codebuild-content-sha256
85fe75fc3aebfc86893a7760fc0ac12e3ff269743874600311aae7eb8917fccd
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame FB2F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40540
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 23 Nov 2022 16:07:46 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
30, 36700
X-Served-By
cache-lga13626-LGA, cache-mel11262-MEL
X-Timer
S1669219666.243756,VS0,VE0
/
onetag-sys.com/usync/ Frame A724 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1669219662246
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
20b04613e923d8553212a748146bb4b6f5a7000c08905d6da82b5279d860505d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1373
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame C353 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 16:07:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 87AA 		533 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b43358e1c225fc40eb01610b4ea467c8112189e14438bb91230c3873dfaf2a13

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Wed, 23 Nov 2022 16:07:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame E11A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
389
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76eb28e17d571c50-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 16:07:46 GMT
expires
Wed, 23 Nov 2022 20:07:46 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 12BF 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
12fb5f68666a3cae1cd6c8c0212a02d2b4c763cd008c0f63c9fd0d5a42935012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=69130
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 16:07:46 GMT
expires
Thu, 24 Nov 2022 11:19:56 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ACBF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
28645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 08:10:21 GMT
expires
Thu, 23 Nov 2023 08:10:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A138 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
1985d38d7faa965bb91eb6ae8f3751a514e0ae430042ed92b5edb4cac7dec456
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bU0I0lSEXihyXfC3T76Jvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-bU0I0lSEXihyXfC3T76Jvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:46 GMT
expires
Wed, 23 Nov 2022 16:07:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E830 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
28645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 08:10:21 GMT
expires
Thu, 23 Nov 2023 08:10:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E5DC 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
49f85d3655cbbf0c8ca3934c30e56143a4ff666b2ca958f138e375ead7120f96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AAhvSeDDL-7hQGNSAInPnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-AAhvSeDDL-7hQGNSAInPnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:46 GMT
expires
Wed, 23 Nov 2022 16:07:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 225B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
28645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 08:10:21 GMT
expires
Thu, 23 Nov 2023 08:10:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 515A 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
11d9f3811d5cb1302331450fa7e2389e59e7aa4ec6be6639709b531b0b929fb2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w6eUzbt_ovEgdY9TZhC_9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-w6eUzbt_ovEgdY9TZhC_9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:46 GMT
expires
Wed, 23 Nov 2022 16:07:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame A8F3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXyklqD6rUayyp7CIKw-Coh6j11xS0qaVwFTdG_vm0vCa8h_7Li3UeroMckQOgBxGtJ0WLsLpLKafU1zsk6lnvaYsZNTy1IxVod8IjpRW6G-69tZ6xvmT3ZewTUFkNLBm8J-I&sai=AMfl-YQPzJKu-NETMppPPL5GufmimSX034Prijghf4UMMhhi-blJceaPrsgxgv090zMDuLDK7xM46dzmS7_CGTHSKX2nW46lS769DAE9B3MI0xuA8IjMANghGS5oxAenZw&sig=Cg0ArKJSzIi65BVU-cTxEAE&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&id=lidar2&mcvt=1000&p=60,450,314,750&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669219663641&rpt=1357&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 87AA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4344786190095448269&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4344786190095448269&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4344786190095448269&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 87AA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=3f1581c8-2cc2-73b9-dd22-e786c1b5c0f6&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=3f1581c8-2cc2-73b9-dd22-e786c1b5c0f6&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=afa73f1e-2282-4722-ab92-69e030e1dce8&ttd_puid=3f1581c8-2cc2-73b9-dd22-e786c1b5c0f6&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=afa73f1e-2282-4722-ab92-69e030e1dce8&ttd_puid=3f1581c8-2cc2-73b9-dd22-e786c1b5c0f6&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=afa73f1e-2282-4722-ab92-69e030e1dce8&ttd_puid=3f1581c8-2cc2-73b9-dd22-e786c1b5c0f6&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 87AA
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y35FUsCo5s0AAAaLS8YAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y35FUsCo5s0AAAaLS8YAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 23 Nov 2022 16:07:46 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.202","key":"Y35FUsCo5s0AAAaLS8YAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40051"}
X-SO-Key
Y35FUsCo5s0AAAaLS8YAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40051
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y35FUsCo5s0AAAaLS8YAAAAA
Cache-Control
private
X-SO-HostName
a-ad40051.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-IP
116.90.74.202
sd
jp-u.openx.net/w/1.0/ Frame 87AA
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVcXmYFiME2Wks8ADxwUu-B-iM8AAAGEpT7JmQ
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVcXmYFiME2Wks8ADxwUu-B-iM8AAAGEpT7JmQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVcXmYFiME2Wks8ADxwUu-B-iM8AAAGEpT7JmQ
cache-control
no-cache
content-length
0
x-amz-cf-id
5nW0-BckuyMyzvaqsX5QQsan3hifLIR7FFAYzELJZYPnFICr30po3A==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 87AA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTM3YTUyMDItZTViNS0yZDFkLWM4YzItYmQzZjBiNTcwZTk2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 87AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4uFbUUDFd7ZRXCN65vhX0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4uFbUUDFd7ZRXCN65vhX0&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ4uFbUUDFd7ZRXCN65vhX0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 1F9C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 22:25:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A138 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3376092955589538&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame ACBF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 22:25:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E5DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3787270395849209&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame E830 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 22:25:59 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E181 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5d75603ffc89e2348db19dd57a857fb9e88733da9e3a626d83572e6ca88661

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76eb28e258e7eeaa-AKL
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 16:07:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2c%2BVU3KSecMsj4NF6fRaXCCfEzJsWei0XF95WwkG6q6LKhmBLq3pC9cPVzNDFuGzIo5SteUdq27tuKD%2B%2FP%2BQQjrpfTMAlyBY2SCZVNIY8uUKO5%2BXQgYx6GuGAuI9qP9N4LEYy5oj%2B086Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/match/ Frame A724
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 23 Nov 2022 16:07:46 GMT
Server
MT3 169 32252b7 master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:45 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A724 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame A724
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5234464901097473502
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5234464901097473502
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:46 GMT
AN-X-Request-Uuid
6aa38851-e7fe-4e99-9d25-1c2035faf0b8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A724 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=C6GEcR1JfNcPVCGYhDinjqmksrDMr73vUsUtIV6lqEU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A724
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-yiJTYDrAr9OM6-W0WlDTT_15x1n-lw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-yiJTYDrAr9OM6-W0WlDTT_15x1n-lw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-yiJTYDrAr9OM6-W0WlDTT_15x1n-lw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame A724 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
content-length
0
/
onetag-sys.com/match/ Frame A724
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCNKK-ZsGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Wed, 23 Nov 2022 16:07:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame A724
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T0WZC4J3RVNHS950MEQ9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame A724 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
content-length
0
/
onetag-sys.com/match/ Frame A724
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame A724 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame A724
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame A724 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1669219662246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 515A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2806712281034857&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 225B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 22:25:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F557 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=1785422693768280564&x=1&ct=76&dl=2&ds=1
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FB2F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:46 GMT
AN-X-Request-Uuid
98d72894-b90c-4bb6-9a1b-367da2cbdb72
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bsevent.gif
rtbc-ae1.doubleverify.com/ Frame F490 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ae1.doubleverify.com/bsevent.gif?flvr=0&impid=e4298bde97fd4dcd943308ee29691bd7&vfdur=1074&cbust=1669219666440589
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:46 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/22/2022 16:07:46
bsevent.gif
rtbc-ae1.doubleverify.com/ Frame F490 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ae1.doubleverify.com/bsevent.gif?flvr=0&impid=e4298bde97fd4dcd943308ee29691bd7&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565696&cbust=1669219666443130
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:46 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/22/2022 16:07:46
globalpassback_728x90.gif
cdn.besafe.global/ Frame F490 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.besafe.global/globalpassback_728x90.gif
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.41 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 15:38:00 GMT
via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jul 2022 20:03:13 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
1788
etag
"d7f0c1fa2fb2f6c6dc87372cf940f1d5"
x-amz-meta-sha256
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3
content-type
image/gif
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
13098
x-amz-cf-id
ofifnLTfpurmU4syNhKcJxkMoQw3d8YJb9PvN1MDuohzMXoRDdyl-g==
x-amz-meta-s3b-last-modified
20220630T185306Z
Info.svg
ad.appier.net/4QGDNtuHG/icon/ Frame F490 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Info.svg
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.185 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
db3bb0331e0217a9b13adc92afdce74540822e9a2094a4c640a23522f6596b88

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"552f8bf510a3f1d9444e387953f11f79"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=743333
x-cache-id
LAX-278c7c
accept-ranges
bytes
content-length
1272
expires
Fri, 02 Dec 2022 06:36:40 GMT
Info_hover_focus.svg
ad.appier.net/4QGDNtuHG/icon/ Frame F490 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Info_hover_focus.svg
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.185 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
0736033dafaea5a36203b95b7562afdd3559a4c9edf234339a886347cd032bea

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"d0bf34695927ab43e5c1292a22b9bc3a"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=743538
x-cache-id
LAX-ba56a406
accept-ranges
bytes
content-length
1272
expires
Fri, 02 Dec 2022 06:40:05 GMT
Close.svg
ad.appier.net/4QGDNtuHG/icon/ Frame F490 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Close.svg
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.185 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
70005a712e48e89c3f725b20b3b0922ef5f13625407a0b5c3dd77daf42d95f63

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"745a2be8df143e4f3be0e0d83020aa7b"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=743593
accept-ranges
bytes
content-length
848
expires
Fri, 02 Dec 2022 06:41:00 GMT
Close_hover_focus.svg
ad.appier.net/4QGDNtuHG/icon/ Frame F490 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Close_hover_focus.svg
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.185 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
3c73a0cfd4d0058fe2374484019ef7ba096708d415f7435b19d4fc9cdd0807c7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"6dbf40ccf95affe57f5e9ababaed99a5"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=711847
accept-ranges
bytes
content-length
848
expires
Thu, 01 Dec 2022 21:51:54 GMT
n.js
geo.moatads.com/ Frame F490 		98 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=APPIERDISPLAY1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669219666457&de=806985856119&m=0&ar=48843429bae-clean&iw=3d12f45&q=2&cb=0&ym=0&cu=1669219666457&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3A8HYWuPumSUa87ydykYCOaQ&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&bo=728x90&bd=unknown&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&gw=appierdisplay844822012038&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jm=-1&fs=200871&na=1344156191&cs=0&ord=1669219666457&jv=174559998&callback=DOMlessLLDcallback_75771664
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/appierdisplay844822012038/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.200.169 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/6.0 /
Resource Hash
f1b477e36758349fff1b86c2e91f6947fb56baf6af9691ee926093329555bb4c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"df800e8fa5a8cf2d797793fdac8d7839744a5696"
content-length
98
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame F490 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=APPIERDISPLAY1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669219666457&de=806985856119&m=0&ar=48843429bae-clean&iw=3d12f45&q=3&cb=0&ym=0&cu=1669219666457&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3A8HYWuPumSUa87ydykYCOaQ&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&bo=728x90&bd=unknown&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&gw=appierdisplay844822012038&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jm=-1&fs=200871&na=1164305808&cs=0
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 23 Nov 2022 16:07:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 33A6 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
50466
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:06:40 GMT
etag
48472445140208031
expires
Thu, 24 Nov 2022 02:06:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F490 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88398be550a28d0a15ce13e626121de53001ab53321657689a51bbd649eb287f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usermatchredir
ssum-sec.casalemedia.com/ Frame E181
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDx5VUCsD9ZxLK7HUxVSSVsOtVcz%2FVQzqah3IRlH5KhRcEvv3%2B55LeoUicZVXBBNHelOigSpJqgsGhUzxTch8ge82amYGXSy8Rt7LQB6gXUO6jQeIV7lbgw2zfAe0AfeaAx883z%2FQLI6rA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76eb28e6597beeaa-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL6HjRc2zapdWa3w5aC2hho&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E181
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y35FTk47_C13IzGVNooSSQAAErAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6A1408V18NAS4X4X8JDX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CBHVWE0PBMNQMV7KWX05
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E181
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=afa73f1e-2282-4722-ab92-69e030e1dce8&expiration=1671811666&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=afa73f1e-2282-4722-ab92-69e030e1dce8&expiration=1671811666&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=afa73f1e-2282-4722-ab92-69e030e1dce8&expiration=1671811666&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame E181
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5234464901097473502
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5234464901097473502
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
AN-X-Request-Uuid
067edd48-ad6e-443d-974d-915064247945
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E181
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANA807G_IsAACCZp7Kynw&expiration=1670429267
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANA807G_IsAACCZp7Kynw&expiration=1670429267
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANA807G_IsAACCZp7Kynw&expiration=1670429267
Date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame E181
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=53b9637e-454e-4300-b051-7df97098549b
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=53b9637e-454e-4300-b051-7df97098549b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 23 Nov 2022 16:07:46 GMT
Server
MT3 169 32252b7 master nrt-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=53b9637e-454e-4300-b051-7df97098549b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:45 GMT
rum
dsum-sec.casalemedia.com/ Frame E181
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4488901378171304141
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4488901378171304141
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4488901378171304141
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame E181
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5234464901097473502
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5234464901097473502
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50RdF8lMG3LghT1c%2FcZUCuTc4w8z2YMdQ7BBA%2Foy44zG%2FA24fzfBmITZUrjuscGQ2cMFHZsQt0NsOp5%2BJDd5R0Ch%2BIj7fvve5UsEWvoGyk%2FqL0V%2BKS1sPUSsSSjrOIkaJqV4%2BJPP"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76eb28ea1a7d1c5c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:46 GMT
AN-X-Request-Uuid
94a8e7c9-c7be-4f51-b9e1-b64a355eb0c4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame E181 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y35FTk47-C13IzGVNooSSQAA%264784
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
13847
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76eb28ea1cb31c4d-AKL
content-length
43
expires
Thu, 24 Nov 2022 16:07:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 378D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=917744441302965&bg=!9_Sl9LDNAAbvMpMzzzI7ACkAdvg8Wutwngwdc9r0ix99kW7qK6LZxMXdHXaFWldd7vox-oQlpCMn_AIAAADWUgAAAAJoAQeZAr5SKMAQkdjjl4xSZyooduB8odWNWxZ259f4H5Rri-1IC-4yr_TJ6UcUDFGH16r5mzhqLtRXeri_nwf9gFKoOx5fKxSZGgn-IauXHRsapSV0PMiIBdajU4-jVyUfhOZhhbaYFogfF-IpFPB5Rqj2Sj0HBU0sQECRxjmu3R6ZGJWDDWibiOssCFvY4Ce6W1U-5vGFuT13lnHq2iCvUk7I_EUTXrwYYYiv_ycEh28WSDaJK98cQ1EL89Xp7OBjr8bm17cqi62ijCJlFdqqSj-3Z78WhvwsUewGteXaAPWIhoB_lwuYrMsDsPSZC1G4fvlKM5-eDET5WdVqqJZ0K_uriZ4CAAmXm6sqBA29zmvU_fJ_FQNrdiU37TwS3XgpGdKPf70QFYrWls3af8pHky43QLNLH1UKEoONyitLBMJEOAdGKAqOtrpOp79DTBewZyFFQ551mnYm8EiTszFi5qTcQ_Gv3dSH4Njn_JZz-OAQjz5Y4jCiml47P9Nhm5FRoutr1dxoORss72RakCxSn9fLztW1vhoaJZ44QGpFf_oOEIYVZxf-X6DXJQ4RB6oNukq-xBE0pJMMYVUNCOfoltbzwyi6FcwMrpEgeKw7nxBAnUq4d8xPG_NQ0tZ9-0RTQXyOGmc5JA500CmEtxCqYxCe0bgnjeb9feToUafhqBy5VLBIlULjmo0J1yGRrUUkJ4CCNSjKsjeLAzfTyQpebu3Rnzs3qOgN-iM92MwK6mzpUb4ny4wfR5JJ87cjyyuqh-_03oG2x_l3p_Pr6OYubi1rVMeddKb6nEHMcUQJWF_i1bMJsjyTR81ytO9i3aFuA4K_ZksPlmpmgDxNm2QXnV6BbAWo6O6Ied0wqaPsIe0rQxCKlr5pq5IyMFO-6MDU2bBQYYgnfDWKybYD5mKnnFGASzqdZXzx66HdpYwwlZ7avvo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B905 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2008182510720030&bg=!Z2SlZCDNAAbvMpMzzzI7ACkAdvg8Wr7IUOvUe9lraRyyKxyBxlg5u6M0ivy2lz1CIy5XL9ZU7yEwXgIAAACrUgAAAANoAQcKAAqTEiZDkxebgNuFmQK27NxfqA0IihrVD7lwKAGom7PrXbJlgWIrFS3H1Zuj44pJ1vnSsJIlLbpvSbuYkRItm1Um_EfaIf72Fuphf-rT3GRqUCdRqMkoz0KzRYMG39pzDCIhK6v1AuXSja7YRnZ5JeILU_WC0zKC_KEGmuk6tTZog13leLYLvAmjnk4qnW_seJeNfXgdqM3bZCoq1NDbHDzim70xPcijmZtfOpcAMivUCMYngzfPBWfYGK4JHnEZxbiMBFZROUOOzZPHf8uY5X9J03DfgNVcUwJrEyRvK_D7orm70hA3n60QhJo6R2wyKlZpbn_gCt0qIq3u2jehwIQt5F8bA9cjI9PvsVHCfUl83pCKvXax5rYhQ2frsS5Yl2Q55bVAGLHOvJ0scUSkTklFeE5O-g3Y6-md3UhQ9EuGv28HNDbhvanObFZReZE1BrQmlz9hXMGhI4hFVWI9Ns8o24Ky4AXGMdQAOlt0KHSqGadIaqcKbygA551Oodv6kSsycr5SVNiiCay0nLsbWMCIr4fU_yBAeGngKYZG4wsvImNNROsKKkhwvI2gXtMxnKkv5nahJ29G2PJAKgLQymoaF4xa_iNzOUUwZwyN0l6nJZ6c3GZMBH0Uz5IdLq5O5WfvUPKfU4FKbx-EH9gsYRemDg5CtyXdkT7kneOMnw32uSkLcxDBnneuG4dUvZvhnU93Daadw4iQQrelZyLECtKxdWmH6SVdiJOdGF-k_N6TagsdUOtGRif85FM2sNzLfMJhjeOtoT83XTqkg47FZlo2pVp6sMrvJ3ekKUBReNE_ZFiho8PuS-uJziEwclK-f71LAG_CNeVwxvIBuUKLl-k0xUsvf7SDCDGgqhnSHfr0dQ6aoSmyXifFh8biMFTgEpzJL7VSNwYXZOrwNgv43Q_hfsbb4CKzXONOB8H3Hb74u9lLRg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame C353 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
44de01ec2e09eb464ebf0455bbfa1fe4fa58aae4a05b2b1e5898f5117d377edd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 19:56:49 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13738
Connection
keep-alive
Content-Length
10066
Expires
Wed, 23 Nov 2022 19:56:44 GMT
sync
gum.criteo.com/ Frame 12BF 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
302516
expires
60
usync.html
eus.rubiconproject.com/ Frame 28ED
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 16:07:47 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 23 Nov 2022 16:07:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 02B4
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Drkt%26refUrl%3D%26vid%3D921966675831222126674442620...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=rkt&refUrl=&vid=92196667583122212667444262000V10&ovsid=1917759394829190040
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=rkt&refUrl=&vid=92196667583122212667444262000V10&ovsid=1917759394829190040
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Wed, 23 Nov 2022 16:07:48 GMT
expires
Wed, 23 Nov 2022 16:07:48 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Wed, 23 Nov 2022 16:07:47 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=rkt&refUrl=&vid=92196667583122212667444262000V10&ovsid=1917759394829190040
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6EB9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132508
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 16:07:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 25 Nov 2022 04:56:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dapx%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=apx&refUrl=&vid=92196667583122212667444262000V10&ovsid=5234464901097473502
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=apx&refUrl=&vid=92196667583122212667444262000V10&ovsid=5234464901097473502
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:47 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:46 GMT
AN-X-Request-Uuid
81018a37-a77a-4e87-ac4f-d87cf3953372
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=apx&refUrl=&vid=92196667583122212667444262000V10&ovsid=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3122212667444262...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=opx&refUrl=&vid=92196667583122212667444262000V10&ovsid=f739e857-87c2-4959-be6d-99e8735a522a
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=opx&refUrl=&vid=92196667583122212667444262000V10&ovsid=f739e857-87c2-4959-be6d-99e8735a522a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:47 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:47 GMT

Redirect headers

date
Wed, 23 Nov 2022 16:07:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3122212667444262000V10&type=opx&refUrl=&vid=92196667583122212667444262000V10&ovsid=f739e857-87c2-4959-be6d-99e8735a522a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dmma%26refUrl%3D%26vid%3D921966675831222126674442...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=mma&refUrl=&vid=92196667583122212667444262000V10&ovsid=53b9637e-454e-4300-b051-7df97098549b
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=mma&refUrl=&vid=92196667583122212667444262000V10&ovsid=53b9637e-454e-4300-b051-7df97098549b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:47 GMT

Redirect headers

Date
Wed, 23 Nov 2022 16:07:46 GMT
Server
MT3 169 32252b7 master nrt-pixel-x23 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=mma&refUrl=&vid=92196667583122212667444262000V10&ovsid=53b9637e-454e-4300-b051-7df97098549b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:45 GMT
cksync.php
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dr1%26refUrl%3D%26vid%3D92196667583122212667...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3087599622
  • https://sync.1rx.io/usersync/tradedesk/afa73f1e-2282-4722-ab92-69e030e1dce8
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=r1&refUrl=&vid=92196667583122212667444262000V10&ovsid=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=r1&refUrl=&vid=92196667583122212667444262000V10&ovsid=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:49 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=r1&refUrl=&vid=92196667583122212667444262000V10&ovsid=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
date
Wed, 23 Nov 2022 16:07:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2771d97821e348e591c1186eef521a7a004
content-type
text/html
cksync
cs.media.net/ Frame 12BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzEyMjIxMjY2NzQ0NDI2MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESECodWx0KbKRQKbVaUghmeJ8&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESECodWx0KbKRQKbVaUghmeJ8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.252.26 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Wed, 23 Nov 2022 16:07:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESECodWx0KbKRQKbVaUghmeJ8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Ddxu%26refUrl%3D%26vid%3D92196667583122212667444...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Ddxu%26refUrl%3D%26vid%3D92196667583122212...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=dxu&refUrl=&vid=92196667583122212667444262000V10&ovsid=6md3QIl91OXShR5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=dxu&refUrl=&vid=92196667583122212667444262000V10&ovsid=6md3QIl91OXShR5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:48 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f40721276a047f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=dxu&refUrl=&vid=92196667583122212667444262000V10&ovsid=6md3QIl91OXShR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=508a5e37-af14-41ff-aee2-7a2f48b9c088
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=508a5e37-af14-41ff-aee2-7a2f48b9c088
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=508a5e37-af14-41ff-aee2-7a2f48b9c088
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1318525
content-length
0
expires
Wed, 23 Nov 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&google_hm=MWU2ZGNhMjYtOTBlMC00MmJjLTkxNTktZWNiODhjNjFmZDdm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECWSwszt8qoJ-fy7mp31Y28&google_cver=1&ssp=medianet&bsw_param=1e6dca26-90e0-42bc-9159-ecb88c61fd7f
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:48 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 23 Nov 2022 16:07:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dzem%26refUrl%3D%26vid%3D92196667583122212667444262...
  • https://stags.bluekai.com/site/23178?id=zq2xujy6wtN8OqpAFqWq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPL2OEZHQ5LKPE3HO5COHBHXC4CBIZYVO...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=zq2xujy6wtN8OqpAFqWq&refUrl=&type=zem&vid=92196667583122212667444262000V10&vsid=3122212667444262000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=zq2xujy6wtN8OqpAFqWq&refUrl=&type=zem&vid=92196667583122212667444262000V10&vsid=3122212667444262000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:49 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=zq2xujy6wtN8OqpAFqWq&refUrl=&type=zem&vid=92196667583122212667444262000V10&vsid=3122212667444262000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 12BF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3122212667444262000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3122212667444262000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=db591510-169a-4319-b91c-2cf6672336b4&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=db591510-169a-4319-b91c-2cf6672336b4&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:49 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=db591510-169a-4319-b91c-2cf6672336b4&cs=1
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 12BF 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Demx%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.208.230 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 12BF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=afa73f1e-2282-4722-ab92-69e030e1dce8
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=afa73f1e-2282-4722-ab92-69e030e1dce8
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.252.26 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Wed, 23 Nov 2022 16:07:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=afa73f1e-2282-4722-ab92-69e030e1dce8
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
xuid
eb2.3lift.com/ Frame D8A4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=afa73f1e-2282-4722-ab92-69e030e1dce8&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=afa73f1e-2282-4722-ab92-69e030e1dce8&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 16:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=afa73f1e-2282-4722-ab92-69e030e1dce8&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame D8A4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ0NTUzODA1Mzg1NDY1MzYzMTQ0
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D8A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEz139AZrIybdC_CRUt0ogk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEz139AZrIybdC_CRUt0ogk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 16:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEz139AZrIybdC_CRUt0ogk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D8A4
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ0NTUzODA1Mzg1NDY1MzYzMTQ0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ0NTUzODA1Mzg1NDY1MzYzMTQ0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzQ0NTUzODA1Mzg1NDY1MzYzMTQ0
date
Wed, 23 Nov 2022 16:07:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame D8A4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=344553805385465363144&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=344553805385465363144&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c734dfff-fe06-470d-a70f-6b82ee6a9188&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c734dfff-fe06-470d-a70f-6b82ee6a9188&_noobservation=1&_expected_cookie=e67d832...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c734dfff-fe06-470d-a70f-6b82ee6a9188&_noobservation=1&_expected_cookie=e67d83244576bf7de11136e7dc0bbbde
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Wed, 23 Nov 2022 16:07:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76eb28f00fdca808-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c734dfff-fe06-470d-a70f-6b82ee6a9188&_noobservation=1&_expected_cookie=e67d83244576bf7de11136e7dc0bbbde
date
Wed, 23 Nov 2022 16:07:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76eb28ee7edba808-SYD
content-length
0
xuid
eb2.3lift.com/ Frame D8A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=344553805385465363144&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9747df56-993c-4d28-9abe-72fe131b0538&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 23 Nov 2022 16:07:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame D8A4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/344553805385465363144?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-szL_z85E2oTaSvnPheN246dhV7WHLrRazF_rpgFcJA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-szL_z85E2oTaSvnPheN246dhV7WHLrRazF_rpgFcJA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 16:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 23 Nov 2022 16:07:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-szL_z85E2oTaSvnPheN246dhV7WHLrRazF_rpgFcJA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame D8A4
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=344553805385465363144
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=344553805385465363144&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=344553805385465363144&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RPPXK0BES6PZYXTDJJ10
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=344553805385465363144&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame D8A4 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=344553805385465363144&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 556564543C5E40A2B34DD28A7F52A93F Ref B: SYD03EDGE0712 Ref C: 2022-11-23T16:07:47Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame D8A4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5234464901097473502&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5234464901097473502&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 16:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
AN-X-Request-Uuid
8917a426-4f71-43d3-a4be-c32d60d0bc1f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=5234464901097473502&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F557 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuhx6H44G70RwJgjmn4xWRdmGo76v2x06e5rce_wT0inHYCwrzGqYSKtjx_NwBNKzfTz7Q5DV8w3aDfejo9F5Leo0jbvcJ0RI5wD7DUbux6X-N4uQ4Iy4TS79VSe3bmSyEfzmLWDP0yHOkpMNyH15LsRG1c349WoXjOqROoCAjpREi4HOPC1PtlZoj_6k1P4IKJ7AJz7KpTWT0ilPGqgHfc4oQV_7HQYsEDFr6OJRFQMVagUFTMpsikCpIpWnCBBvpUWKKQdGIltzgYzzq09qZ1wYwmTk2BfBHiKla6tucXiKz7_NKXxnDIJETG8v-0qgJ5uVHTj2R6MkK8V-juJLsgvlDim9RqfQDD6GwFyPE0_Fl-8as0W87ruwko2pxqKi0T-BKKpTwjJILKcGZYvyFMpI-CeI3cJnTbVlr9beNu-HVBPc7VSj0ukPiFr5131vTu8iIH438Hbh21acptjIsXkJI5-MDeyltKTRVRGbltDi_Mqd-jqnDRthEI10dNVVGUhWWrHykR8ruamCDYFjZzldZ7MfUazQtsrJkPtgMqOwA2YOk7qUda04cy5hIo0sBMTeDDJQHHtyqkau3gYGOOhrjs14uXbHYAnc7bu5q3I8qyCFbEA4NVG86pkbguIvcrGIk002da9gI8BnEZSQER3JGjIyI0X3VKNZXWD0eq38AxUa-N-YP9xGeGp13uT7tdChrFkOp4fjfz6T26uHhlyxYrrQK-j_Vggs_yKf0Jq-V1S1K_F359V8c5st1zn63VQu3xXY15gh9gu8VuoU4-LvtbXVtAtkNN7cSVzE2P93gDjpAF9DZ04BXoD8i1Dq7bDRkODIUpFKBS_cLWmcR7qngYVpyXu9YyJP05SzntZJ1Vc5zJnW2m_2GOmOThPNJ3LhYMH1i4vnXp-HmEyPEiVQ5GVM94iEatGBTW39dh7dUGBQIXkxSLKLju_E40KlG1hLexYL3v-R_CEWqQxEbFnW9jJ2Nc6GEDzaL2QmMaoIPgfgG_IEoC0CnbELVH_jMZZaeyRTgMILXCM3AEb19LdjyQ46CwqVDXi8Y_rrVhdyyTmLHcxNUH3hSm5PVCNJXyO9hiuxGtSJwSyrHMuq3xPm03y4iKab038BiTd6GqqpN0jgvrPLCxPe65lzNNZO8eeVPdC9tM4ZXuWCQqVxaT9Dnuxyx96qF1Z7S0H0-j2XNKyK9FDYdm-L8YrPQwtEMapTdE0hVCFBn_UNcYDv8U-5l&sai=AMfl-YTWmYKUfZAaFCM3VAYy-FfvznlC-u_OAFn4kBja8wWFMCxPLzVXwDV9kbRQinocu5ISIhvinSbNb5tlNRc44Ubm2lfQrGOnYVkFk1eve84-QHkBwrwHO15ewAUORsqqGoY8X0qALIb0Jhj0dw5uGcpR4r8Op0uKcsjRez5p1m3U8x6T28aDyWdt6pGfS8N6tGZC_cOmATFfI6sG85XIokQW1uSbzUaxu-tGR0Ba0MuM53D6DoyaC1T9dzJEw1S_GBZFDRFK87c&sig=Cg0ArKJSzPspTYVxO2D3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1604&vt=11&dtpt=1604&dett=2&cstd=0&cisv=r20221110.92146&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxNEHct6i8BNVv-qQTTrm_sB6SdN0lCSPE02Le6SEL2rUy3DO7yXHs6dqMME9vNzhUjZCBi1VUP7EhVEJarKRNNXECqQ&cry=1&dbm_d=AKAmf-Ae4QuECiIDMcL1yvK-OI9DzvGdE8pf5eH8MTkBHaoRfawbr1uy7cdAkJNFh0GtgZCD1hl4uFDoTzSKTuQUG7gk7AOgt4pxL8LqfHTin1kHRk5mLdEHB91gP_gmNmIgUPtSxHdNKXvybyOlauoo4DHpkBs8sGPF_GosKR06ejffu21B-8b4VvPfzHZnetpSK8F-ly8ZVDBN8ef6xbt1nGRm1pB2pz7czORijihC1aDJ7byKSBfit4DHePzPJWo16mje4e0mhHX-lB1qaKKU-llrU1q0f1A3xtlssRuzuVPRFZ64rEgu8ru1tXlcUkz5XWd7IL2gPksobIhJGTJdSyxonY6-q_bdZgvEmiTe68Su7CEWWKpbuMvf-OBKTuMX_bLOp9hioaV4v7j0Gy-xzNZrn7hRjo9mnh2cdnvfiaDd9wuBvMRK2mFJAFX6iZa1mshSoToumJNqX6SpYNF3hkjFRjwBmeQXucHDPRopntXeOuF3wefO0ENALJrNtf2v2DQLVi1F1zLB1vNOMg7Ghp6IFcBHO2ZwBDwVd2GaXzMaawm-HbIUVWFjV_0Y7wXPuQCBq3IMWAo6crgYMbmtw8o5k2UXw7sTuk7AYHlmBQrpAQxmPlwo1LVNJjIxiykr1lFp857B2LKlNChFWV3A8xxhRGtl_5KlBXZuBsIwG-W4OxshShnBCQxNHI9riuuGvi0hltbjHDL3nX9nFSDux-3vCkzNzCyfHLb2k38wOj2WX7LkJiy5XhlU69ZPdkDBS5Hmekpsjoi9JNS_m2s09HVxUgIaSoJvxqkrYLPTTmL9NqwUEwhuaFgVT5F3ByvhGODH5O6sw3P5foQqsGOJi0W3XC3AzdLrPabicJwmaZKyv2gwlSl2CE6arNx9m24BpKBDG_IdUg2c06BHXBq6qV5OJIBJLOsALLai7-wRiDSpCkKHEnXHeR3RYyv8z4mxCcsihph4__QwIOzLrS5rUvuvUUFkU_Qlm5TIO02bFiGwxpQv4NP3F574Emz7vEhLvPFgS0BbTsvlc2ZfsMw07LJ5V3mo98dkPDcmMtZUACQkBEEwvKggSABS74X7CGhkWo6y8esdqh6L2yE7lJ5iEGww0t_h14Q1UwVywgj-r6mv0xqf08nDY9Jun8Jy4BuJO1S4V0J7UWYPsUNFoWCUHHOHjxvhyp799nebdHS7OVv58E7r_jsmeIfX7VDkTXrgHHArupKj__J3oY7TeM4kQvQTsFnneXDcYA1EJ-wbhuUSfM5Fzft6xc815h9wpTR3fsNbMgY1vI8GxPm4WgznM-UMwUDlXyc5Ohz1a-hYmPbRYs3cT3ub9C_UJEbMG_4NkerbK989_XB4waAJ1Y2UwFhyg1B5b3fT2sgL__gyrG4YUHYluKMnHRO-jUZmiww9B5FzoX9PClmY783ARphztpbcW8-7WKIe0KdOYf_1lkLMJ_HfQ8QJoAU9qMCkhOFZZDTNg2djwGHbGjHwxvlQk0qD0u5U_E9fl2Zvz-1r954xevIzFW4F8OLj83W5mIwhDcNCzFiQeDuTwI6YAh2lfogNeWbkFpll0TD7_u5FUs9nOq-QUbBdKqE9-TyBrfeDP6E8gNpUD4Ybk6hbinx0ncxo3AA9IJLgPR6UfUAz1HE9oTRMzqnOE3Q_QiiGqxQpEPS4kn9ZJNN96SOdHEcjKlEBjgDX_z-Hs081XHQxjO06gnlwh12L1NTuM-xhT8tT8rmX3KwnpJ-WDpSoJHndOMuKXFU0XSbuDWFlDgnUjlMfIYEmznirgBAB9qUVFzX5UTttnVTCerVc62jj8ns3pCM34fi5bg-37Y5Ej-vQ77RRwXOyL_3O4JbEjYS3k82telvy9A5_DyT9rm9cXxUA5WY6x7EMaTp_mE4AZpmNVPh-MfnDNVdMOxLlErYjHlXjF-tZG1oXns3_x844OCmTmzJmeJdP_rPWye-UAX0e3YavFdDSozQzn4GVEiNnBBUDJg2Nt6bTuXa_W01g8mwk5aiiqSUa8aW8I7tByt_ap-pDUtERIrlt_WiITmQaYrxTGfe9UDdH2pJ_HXBrB5_QcnvRk2LuY672FEJrEgpolIjl4cDTfmQSbdXW2XnW1t-jJHNdK66O5TD3Vr9QZ3bSOqpWGNxhgv9TpJMwCxYOQSXG2TCS2RfrzUVB8JNwLleaBdYYh6P5fj9jwqT8rxQYoGLKUFU5e2RDWPWNTVMVpX_QwaNR7rGw39xEJ48DpSh-u_hhitLTOcWdr2gIKctyoIuLT28GKpORIpNzkF7jJm7XZuDl03KiBXa0rGE1lvFdcWMdodGQf6-K89m9inKaK1FqbeektR8BbmeDHbp-EojULfskzcJXCBz0ubVVbEYQDOdHV6RcaMyqxYh77lO8kQ0FXYKQLsgGlGEOxz_SCOHKaPLU4aYD00HoJpZzodSbxzOw433UzRcpLEN6yw6ppawYEb7nJxw5sRv3-Kn6oY0ne6chNitFR_mE27OMNgokZHj1ssDk2xjE1aJ9mfNH8grHoPlrq_Oq-Ms-flq3tIn6QFonCR2XqcTLQltjyeGZNgkS6LkmvmstlRMnqHVNPv3UBCVyzAiv-JuqfRVi37pxtbvZeYqq2J1mzhacydlIVijECtWomT1kzjydfslj-exCwwgqw2rdfJw3RTUlhuU5hoVz9ysQSjKwBXnIvefETWZKuD70l-m003w2Z8xjlOrW9CN5Tdj0vCN3kdVTLFkshLE87SmkmDa6RYhzk2Z4HpZpzKOdiMtqNGHc6DkB_8yEwSA7d702cwTxTG4P_JT2C70A4LFWGV_9jvAyIx-p1MUqmnB3kAYiF07R3RLq5qN_E84HPi-2LDe2KPJ32IhCpKdK3cbfjBAGQeuSfhIKlQqykv4TsRkiAkoDwgYCJ8q9tV1fqyagN12YJXkmiXkiJG3atYUwYw3r2V7KDvsPG4Rsle-XjiK7QqcrArVnjPyLeiMkWE5k_JbteMdXwHYB1EF9oNyKLINNxDaxgRlR-78lgX8xKzUpSsAfVdXQkjwbJC-E53gGMV10ziRx-j0ywl94hnBZEa0jFcrdN3HVYLWcKOHcNDCtUwaLBLKyJU4-uYLjP8_B_ciQCKuKRfHOirHscDKPPYiZOGlTrh4zM4GCE5slTwhpzwrNSfykLH7OD7Q9yrl6qVCDyK98rP_HGrUpEumICcdzH1hI4SyHBzUX-jPYCcBmW_IKYJAnuHpkuoFWoU8Io2oaAgBm_PrYJV6cwA4IyJvQ4PXj7W_pP4MtFYwBHvQQ4Zw6gz2y91QJHDrZKwpz9b6S7LFjaixUju5ETog&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=1785422693768280600&adk=2857193498&idt=321&cac=0&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 16:07:47 GMT
pixel
cm.g.doubleclick.net/ Frame 33A6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC_SgTKR2z95cii21SIMQRk&google_cver=1&google_push=ASkJ3FZidL6H7y55XIX-0O85uxkOwDLsMZ880S0u_KylEn7Z2MOjaAarNnPH_aBAPsRRnWhtjqFULJ7ZEsr2yTfC...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FZidL6H7y55XIX-0O85uxkOwDLsMZ880S0u_KylEn7Z2MOjaAarNnPH_aBAPsRRnWhtjqFULJ7ZEsr2yTfCzo8N6I3N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FZidL6H7y55XIX-0O85uxkOwDLsMZ880S0u_KylEn7Z2MOjaAarNnPH_aBAPsRRnWhtjqFULJ7ZEsr2yTfCzo8N6I3NGDRURGQseon3gOdFy-6_ix1-H3iywVsJwSN46dGAeVRFLsgWLw
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
MT3 169 32252b7 master nrt-pixel-x6 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=U7ljfkVOQwCwUX35cJhUmw&google_push=ASkJ3FZidL6H7y55XIX-0O85uxkOwDLsMZ880S0u_KylEn7Z2MOjaAarNnPH_aBAPsRRnWhtjqFULJ7ZEsr2yTfCzo8N6I3NGDRURGQseon3gOdFy-6_ix1-H3iywVsJwSN46dGAeVRFLsgWLw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:46 GMT
pixel
cm.g.doubleclick.net/ Frame 33A6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBEjZwhiZB0xwWi3wM1krfU&google_cver=1&google_push=ASkJ3FagapoMqB34kGAelG2TwzcBJ_dp2nQO_X7KlmNW4r0M5-RJKSam1CrTXIIgYnSSk_GBCQLTapSPBzXnKjdSoa4_...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FagapoMqB34kGAelG2TwzcBJ_dp2nQO_X7KlmNW4r0M5-RJKSam1CrTXIIgYnSSk_GBCQLTapSPBzXnKjdSoa4_4C1YDjQDmHXwEQdBzDG-td7G4ISfJ1AwQPx1Be76FH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FagapoMqB34kGAelG2TwzcBJ_dp2nQO_X7KlmNW4r0M5-RJKSam1CrTXIIgYnSSk_GBCQLTapSPBzXnKjdSoa4_4C1YDjQDmHXwEQdBzDG-td7G4ISfJ1AwQPx1Be76FHX6yAwYEkuL8g&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FagapoMqB34kGAelG2TwzcBJ_dp2nQO_X7KlmNW4r0M5-RJKSam1CrTXIIgYnSSk_GBCQLTapSPBzXnKjdSoa4_4C1YDjQDmHXwEQdBzDG-td7G4ISfJ1AwQPx1Be76FHX6yAwYEkuL8g&google_hm=Hm3KJpDgQryRWey4jGH9fw==
Date
Wed, 23 Nov 2022 16:07:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 33A6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFAjVOzx3Rs9q0HUc35azPo&google_cver=1&google_push=ASkJ3FZMym4gAc_b4rXCnGOrE9YBIA5-FxJELx0mOEJGknEKAEid6OQv6udFN4P59NK5j9eEvi41KBDvqw-U5uccTt-Zcn-...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZMym4gAc_b4rXCnGOrE9YBIA5-FxJELx0mOEJGknEKAEid6OQv6udFN4P59NK5j9eEvi41KBDvqw-U5uccTt-Zcn-PytN820i7BHK3jrp5Wb9iaOGRxRhV3q8Sb60O9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZMym4gAc_b4rXCnGOrE9YBIA5-FxJELx0mOEJGknEKAEid6OQv6udFN4P59NK5j9eEvi41KBDvqw-U5uccTt-Zcn-PytN820i7BHK3jrp5Wb9iaOGRxRhV3q8Sb60O9wRYxOfvQKpl&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZMym4gAc_b4rXCnGOrE9YBIA5-FxJELx0mOEJGknEKAEid6OQv6udFN4P59NK5j9eEvi41KBDvqw-U5uccTt-Zcn-PytN820i7BHK3jrp5Wb9iaOGRxRhV3q8Sb60O9wRYxOfvQKpl&google_hm=NDE5ODM1MjU3MDQ0MzI1ODY5Mw%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 33A6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJXsKg_tKCChVNlt0aSBfbU&google_cver=1&google_push=ASkJ3FZ8w9EkCk2xbESKKo43IWKaSneXoKjai2CqfdkSsAJhHCE7ei6-nmznloScBqeCLDPnOUEeGGIi9a3Jrxd...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HUGpivJgRIZW38GiohQPJnRaSso&google_push=ASkJ3FZ8w9EkCk2xbESKKo43IWKaSneXoKjai2CqfdkSsAJhHCE7ei6-nmznloScBqeCLDPnOUEeGGIi9a3Jrx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HUGpivJgRIZW38GiohQPJnRaSso&google_push=ASkJ3FZ8w9EkCk2xbESKKo43IWKaSneXoKjai2CqfdkSsAJhHCE7ei6-nmznloScBqeCLDPnOUEeGGIi9a3Jrxddnrpd45Qzlg5P3Jo_fRvY6Hq7PPLPzzRYxMZJ_QeaGseY1EUjXQBcmEgN
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HUGpivJgRIZW38GiohQPJnRaSso&google_push=ASkJ3FZ8w9EkCk2xbESKKo43IWKaSneXoKjai2CqfdkSsAJhHCE7ei6-nmznloScBqeCLDPnOUEeGGIi9a3Jrxddnrpd45Qzlg5P3Jo_fRvY6Hq7PPLPzzRYxMZJ_QeaGseY1EUjXQBcmEgN
Date
Wed, 23 Nov 2022 16:07:47 GMT
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
spacer.gif
an.yandex.ru/resource/ Frame 33A6
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEBiOY_AHTQimo70c1KZRDWI?ext-param=ASkJ3FYjHx6szMYclyjoWfJhqeNcfBavYzqxyPlsmBmdY8G1FZTA3tS8BV6BlaO4aDO19hm-EN-5z7nH1NXeO7N-xFdo28DBRmTnLdqoQKJy5HfP5kLbC6jIno9k...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBiOY_AHTQimo70c1KZRDWI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 08 Nov 2023 16:07:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 33A6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0rBS9znQ1ORA9uDVM9_UXW6pf4t4YzKVtBROWqU7HoX7p8v2YIwf-W0S8
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame ACBF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ZjdYAg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame E830 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VFu0QA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 225B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?K2jvtA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F9C 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRLpZUEV-Y9CnMfyE9fwP5NSz0AUAAAAAOAHgBAI&bg=!xcalxoLNAAbvMpMzzzI7ACkAdvg8WtUrCDdRJ1A7pnBqSunTYIw1HftCqhrl46N1ytx4decfftX2hwIAAAHuUgAAAANoAQeZAvOVe3bNbBgyVb9Hv_V4wC3nrbQNB0cF69NKkIySFFhMVV0JgPppDFuuBvQV8geC05B15CiIqxeH3PpPsWCcB7KRRCGf0FGeF0UQxZqDBZ945Vv_-vel5bDidmpFQyVLeKoHk_qzVHr08e1-zufL4Gu-6QBqW2lejlEkYCXjQNNDnq1SQ_Aa9FkYQF-IduaXCPNY9vyO3cT9tv63Fs66vHmPtRGylKe300hkW2NobC4ja-bVXp916cwkMBeBKDszuEHLFJ-qshKp-Yk7bm-UuPdAeP17u50WYFbZUiQhGJlLHOvjZdHdQ9G2Hq3h1yv8H24ZJvF6siKoAzgdA6x6uBU7Tdjl5VlLhDwQ6ibtKeVx_csPqrVo66JQm9v84Pb2MA6kswiWcgsjdrq2Yu74WFftAFXcFoLGrp6tGduJgviDEYc75dwm0cbEurwkheIHxgO_519yWkqiNVLN2wLKkfvywhUcSoYCd_-ikBOy3BJwDlTi9qWgoq9ikxcJSL9YjCYjg9or7bh2H0hBaFRQi5HUDzAXUNvcV3RxX0I29E9oTzSdc1BkcM1PugzuTYQNuJMYfqx8ViZJlThW3u4zjL--F3mBrlxW4vV8tdNdnhM5RSTJEmPXQK3jFqF11GGVzvgYTVVzoGrdPB1AXE4vnFT05snTvYtTYA0zM4M6wR2pWbOawWeZtsi3_QIJ5TLP3bOuww7GB1yXwlyjzTCqTspIbNPqW_HL1LcYWM3udK9SCBpkpqTO3_qOqbxJYKxF7lOZrsSglg_DwtkbTeebSDFOPq5PTpTPd0SSePbIIbdCLu59lJD0gzCZoWjb4JPzk89wSJTWizvKPf9yoPsvhLKTfP26ut3i1__VKwpq1cKVo0N81JZXmxyhmbZwyC2RMgzb8_JtuS_nmuQgrpBsuymmfe0zKdjf7GPo-GxdKN5T-CCxnH4fA_nR9Fpw8EG40qs4iEzTt9LYAdII7FvkHXOzVP5ej4Y8J6d2FOscxg-WWeuCaQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 294E 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.30.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
35fd07ef3a4aeb7eebb8c9bd1df734f5f14e834913fa16a92f0a62473610470f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 23 Nov 2022 16:07:47 GMT
etag
W/"0699b3d0443005cfc24e2a5fb576355e3"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 06C8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
cde23e5f7a64a5f27a53a63338f2667e495c0cdd0f049be5f7c2a16d9d94350c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1398
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame C795 		711 B
961 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a6ca1edf1b791ab61dba702f334c95f91314511e5f7c1c9ceabad7039d2f52

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
711
content-type
text/html
date
Wed, 23 Nov 2022 16:07:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B37D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9aab16337062d8a59786a2d05d4a7d888b06cb6483ac5bdf68f1a8b8117e6b4

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76eb28e77997eeaa-AKL
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 16:07:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOZzrmE86MyFnHCCVUPgLPRWclNKHlttb4XZEuhQsqCCbpsaegL0iwkBJVBv2mEk4nLu9csm%2BdTb%2BB%2F62T134DKPYWqh3rJvBsYk8FwsHC5wjAd9Y1%2Br0fRNSRqF2RTUFREfoT3zNUXxvA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 22FB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 16:07:47 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 23 Nov 2022 16:07:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 496A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132508
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 16:07:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 25 Nov 2022 04:56:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame FFD7 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4c77d16f89de3ae5660fc98877097f8f08af8c1c554785dbc8e37ffbd20abee

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Wed, 23 Nov 2022 16:07:47 GMT
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-id
m9nQq6QqWjEmM6Gl2TJRJVyzr5lgVwg3sLMJvE4ALfHDt22wupDNMA==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 617D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5234464901097473502
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5234464901097473502
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
AN-X-Request-Uuid
1c6ed0ad-5488-472d-ae6e-2068fa8d0e91
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 617D
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FsznDRZHcKyMQD_wQDew9cfI
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FsznDRZHcKyMQD_wQDew9cfI
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FsznDRZHcKyMQD_wQDew9cfI
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 617D
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FsznJLZHwEd6WysHSXumTiv6
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FsznJLZHwEd6WysHSXumTiv6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Wed, 23 Nov 2022 16:07:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FsznJLZHwEd6WysHSXumTiv6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cksync.php
contextual.media.net/ Frame 617D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7973863310
  • https://sync.1rx.io/usersync/tradedesk/afa73f1e-2282-4722-ab92-69e030e1dce8
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=r1&refUrl=&vid=92196667583122212667444262000V10&ovsid=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=r1&refUrl=&vid=92196667583122212667444262000V10&ovsid=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:49 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=r1&refUrl=&vid=92196667583122212667444262000V10&ovsid=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
date
Wed, 23 Nov 2022 16:07:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2771d97821e348e591c1186eef521a7a004
content-type
text/html
sync
ads.servenobid.com/ Frame 617D
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1972084068059896135
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1972084068059896135
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1972084068059896135
Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 617D 		0
0
pixel
ap.lijit.com/ Frame 617D
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F8079%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7ea63533-f956-4845-983...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F8079%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
63.251.14.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 16:07:48 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F8079%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Wed, 23 Nov 2022 16:07:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 617D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuid
eb2.3lift.com/ Frame 617D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYqU2h0dHBzOi8vYWRz...
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F9275%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dtriplelift%26...
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F9275%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE1HTTFZVGM1T0RBdFlUa3lOeTB6WlRJMExXRmtZVE10WkdVd01ERmxZVEpsTURnMk1nSUdERGdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F9275%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE1HTTFZVGM1T0RBdFlUa3lOeTB6WlRJMExXRmtZVE10WkdVd01ERmxZVEpsTURnMk1nSUdERGdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 617D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
date
Wed, 23 Nov 2022 16:07:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame C353
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=N7-9-SSXSGS-KFGV7p9xgg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=N7-9-SSXSGS-KFGV7p9xgg
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=N7-9-SSXSGS-KFGV7p9xgg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CEK6S0947197NF99C1TG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=N7-9-SSXSGS-KFGV7p9xgg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUVUFFRUMtWi00WDhZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUVUFFRUMtWi00WDhZ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUVUFFRUMtWi00WDhZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C353
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame C353
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOkoLJSP0m_gPWXVX5kNCUY&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOkoLJSP0m_gPWXVX5kNCUY&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOkoLJSP0m_gPWXVX5kNCUY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWZiM2Y0OGNjY2RmZGQyZjE0NTllMTQ2MjliNmIxMzY2OGM2MzU5MQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWZiM2Y0OGNjY2RmZGQyZjE0NTllMTQ2MjliNmIxMzY2OGM2MzU5MQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWZiM2Y0OGNjY2RmZGQyZjE0NTllMTQ2MjliNmIxMzY2OGM2MzU5MQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rpUANLcLwga1pAZxfXbDOQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4198352570443258693
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4198352570443258693
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 23 Nov 2022 16:07:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4198352570443258693
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C353
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ijgA7anMQT6_MHzPavsbIw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ijgA7anMQT6_MHzPavsbIw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ijgA7anMQT6_MHzPavsbIw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Server
52.95.126.138 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
313FJJ151XH77VSZJTEC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ijgA7anMQT6_MHzPavsbIw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame C353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LATUAEEC-Z-4X8Y
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LATUAEEC-Z-4X8Y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AEEC6A2DBE614256BCF4FF9C948C9CEF Ref B: SYD03EDGE1408 Ref C: 2022-11-23T16:07:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXuJX1f0BJ3iL+DyHyjjg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LATUAEEC-Z-4X8Y
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame FB2F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
AN-X-Request-Uuid
1600b1ad-db3c-41bf-a6d7-0ddadca3dec0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y35FTk47_C13IzGVNooSSQAAErAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B37D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y35FTk47_C13IzGVNooSSQAAErAAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.36.190 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y35FTk47_C13IzGVNooSSQAAErAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B37D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y35FTk47_C13IzGVNooSSQAAErAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y35FTk47_C13IzGVNooSSQAAErAAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y35FTk47_C13IzGVNooSSQAAErAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
52.74.36.190 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y35FTk47_C13IzGVNooSSQAAErAAAAAB
date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame B37D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y35FUwAJ2X8mQwAW
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y35FUwAJ2X8mQwAW&_test=Y35FUwAJ2X8mQwAW
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y35FUwAJ2X8mQwAW&_test=Y35FUwAJ2X8mQwAW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11233-MEL
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669219668.259306,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y35FUwAJ2X8mQwAW&_test=Y35FUwAJ2X8mQwAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame B37D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=SDhcdUo-X3VTPlMlTGpGdkc7WChTO1InHWmDf6_C
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=SDhcdUo-X3VTPlMlTGpGdkc7WChTO1InHWmDf6_C
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=SDhcdUo-X3VTPlMlTGpGdkc7WChTO1InHWmDf6_C
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B37D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=53b9637e-454e-4300-b051-7df97098549b
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=53b9637e-454e-4300-b051-7df97098549b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
MT3 169 32252b7 master nrt-pixel-x24 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=53b9637e-454e-4300-b051-7df97098549b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:46 GMT
crum
dsum-sec.casalemedia.com/ Frame B37D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=SLD7gVEY1OXShS5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=SLD7gVEY1OXShS5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f40721276a047f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=SLD7gVEY1OXShS5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B37D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANA807G_IsAACCZp7Kynw&expiration=1670429267
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANA807G_IsAACCZp7Kynw&expiration=1670429267
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANA807G_IsAACCZp7Kynw&expiration=1670429267
Date
Wed, 23 Nov 2022 16:07:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame B37D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HUGpivJgRIZW38GiohQPJnRaSso
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HUGpivJgRIZW38GiohQPJnRaSso
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HUGpivJgRIZW38GiohQPJnRaSso
Date
Wed, 23 Nov 2022 16:07:47 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame B37D 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y35FTk47_C13IzGVNooSSQAAErAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 06C8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-z6sAh164UrcDC4ZbJlmzZoNqqgsJHw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-z6sAh164UrcDC4ZbJlmzZoNqqgsJHw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-z6sAh164UrcDC4ZbJlmzZoNqqgsJHw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 06C8 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
MT3 169 32252b7 master nrt-pixel-x22 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:46 GMT
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LATUAEEC-Z-4X8Y&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LATUAEEC-Z-4X8Y&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LATUAEEC-Z-4X8Y&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5234464901097473502
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5234464901097473502
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
AN-X-Request-Uuid
658ec2d3-7e55-4379-9c59-9fd6c4324349
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 06C8 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3526574862333994897
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3526574862333994897
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3526574862333994897
date
Wed, 23 Nov 2022 16:07:46 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 06C8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z6C9Z63ZZ3RGPG1P5AZM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUU5OTQyODktRjQ1QS00NEU3LUE5MjEtMjU3NDQ1NDk3NEVB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
date
Wed, 23 Nov 2022 16:07:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A
date
Wed, 23 Nov 2022 16:07:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame 06C8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9747df56-993c-4d28-9abe-72fe131b0538&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 06C8 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 6EB9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57679441&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a842fcf3b8ab1d1622c1b430dc1683ad857d24a06a1247e1f87ec8a0cac3f1e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 16:07:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/ Frame F490 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcdn.besafe.global%2Fglobalpassback_728x90.gif&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669219666457&de=806985856119&cu=1669219666457&m=1119&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lh=44&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A2857%3A2857%3A0%3A2867&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=197&cd=0&ah=197&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3A8HYWuPumSUa87ydykYCOaQ&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=1095830276&cs=0
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 23 Nov 2022 16:07:47 GMT
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5234464901097473502
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5234464901097473502
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:47 GMT
AN-X-Request-Uuid
07b23fb3-920f-49b3-9301-053b460deb47
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 294E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_4ae4faf0-ba5d-4ab5-a744-091e113e31a6&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008238135447&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522942008238135447&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=826d713c-afa9-4464-b12a-d8dea6e6c944&ssp=gumgum2&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522942008238135447&ssp=gumgum2&gdpr=0&gdpr_consent=
0
0
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1d41a98a-f260-4486-56df-c1a2a2140f26$ip$116.90.74.202
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1d41a98a-f260-4486-56df-c1a2a2140f26$ip$116.90.74.202
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1d41a98a-f260-4486-56df-c1a2a2140f26$ip$116.90.74.202
Date
Wed, 23 Nov 2022 16:07:47 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_4ae4faf0-ba5d-4ab5-a744-091e113e31a6&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=zq2xujy6wtN8OqpAFqWq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26TRGJ4HK2TZGZ3XITRYJ5YXAQKGOFLXC...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zq2xujy6wtN8OqpAFqWq&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zq2xujy6wtN8OqpAFqWq&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=zq2xujy6wtN8OqpAFqWq&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7018968450
  • https://sync.1rx.io/usersync/tradedesk/afa73f1e-2282-4722-ab92-69e030e1dce8
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2771d978-21e3-48e5-91c1-186eef521a7a-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
date
Wed, 23 Nov 2022 16:07:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2771d97821e348e591c1186eef521a7a004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=yT5iDekcOTlE&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=yT5iDekcOTlE&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=yT5iDekcOTlE&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78f7f5b45c-7nhqz
expires
-1
services
sync.technoratimedia.com/ Frame 294E
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28LQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx_t8baBnRZrmn-ulaEu%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_4ae4faf0-ba5d-4ab5-a744-091e113e31a6&obuid=ENC(LQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx_t8baBnRZrmn-ulaEu)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DLQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx...
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DLQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx_t8baBnRZrmn-ulaEu%26us_privacy%3D%24CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
132.226.63.138 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:50 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
709497353
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true

Redirect headers

Location
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DLQvjN5zMFjkYYR832idKw7Kqhjo1Lg_crsPN2SZ-HsPNyx_t8baBnRZrmn-ulaEu%26us_privacy%3D%24CCPA
Date
Wed, 23 Nov 2022 16:07:49 GMT
X-TraceId
15bd4de47e3f42524fc067e7ebf1f7d0
Content-Length
0
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c82825b8-04d7-4bef-ba59-f76b09e5c1b0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=c82825b8-04d7-4bef-ba59-f76b09e5c1b0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 23 Nov 2022 16:07:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=c82825b8-04d7-4bef-ba59-f76b09e5c1b0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-gPlNa39E2pe7DFfiNVBYXFloWuDFnFh0LNrj~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-gPlNa39E2pe7DFfiNVBYXFloWuDFnFh0LNrj~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 23 Nov 2022 16:07:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-gPlNa39E2pe7DFfiNVBYXFloWuDFnFh0LNrj~A
content-length
0
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=950ebf06-b944-403e-aa1f-085ba9d8d2f5
0
0
services
sync.technoratimedia.com/ Frame 294E 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.63.138 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
302608366
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 294E 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=689f5466-9bf0-43a2-b5b8-7061fbf7e677
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=689f5466-9bf0-43a2-b5b8-7061fbf7e677
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=689f5466-9bf0-43a2-b5b8-7061fbf7e677
access-control-allow-origin
*
date
Wed, 23 Nov 2022 16:07:50 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 294E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2334647491242059714
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2334647491242059714
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2334647491242059714
date
Wed, 23 Nov 2022 16:07:48 GMT
content-length
0
sync
ads.servenobid.com/ Frame 294E 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_4ae4faf0-ba5d-4ab5-a744-091e113e31a6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
oRTB
sync.inmobi.com/ Frame EF3F 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6E84 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132508
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 16:07:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 25 Nov 2022 04:56:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 6C2C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=afa73f1e-2282-4722-ab92-69e030e1dce8
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=afa73f1e-2282-4722-ab92-69e030e1dce8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 23 Nov 2022 16:07:47 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=afa73f1e-2282-4722-ab92-69e030e1dce8
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 9616
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:47 GMT
Expires
Wed, 23 Nov 2022 16:07:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master nrt-pixel-x23 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame CE3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y35FVAAJ2yMnWQAW
  • https://usersync.gumgum.com/usersync?b=atm&i=Y35FVAAJ2yMnWQAW&gdpr=0&gdpr_consent=&_test=Y35FVAAJ2yMnWQAW
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y35FVAAJ2yMnWQAW&gdpr=0&gdpr_consent=&_test=Y35FVAAJ2yMnWQAW
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 23 Nov 2022 16:07:48 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y35FVAAJ2yMnWQAW&gdpr=0&gdpr_consent=&_test=Y35FVAAJ2yMnWQAW
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11233-MEL
x-timer
S1669219668.306481,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4131 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV80YWU0ZmFmMC1iYTVkLTRhYjUtYTc0NC0wOTFlMTEzZTMxYTY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 16:07:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 1BB0 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.208.230 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 23 Nov 2022 16:07:48 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 1EFE
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y35FU8Co5s0AAAaLTHUAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y35FU8Co5s0AAAaLTHUAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 23 Nov 2022 16:07:47 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y35FU8Co5s0AAAaLTHUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
23
X-SO-HostName
a-ad40189.dc2p.scaleout.jp
X-SO-IP
116.90.74.202
X-SO-Key
Y35FU8Co5s0AAAaLTHUAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":23,"gdpr":false,"ipv4":"116.90.74.202","key":"Y35FU8Co5s0AAAaLTHUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40189"}
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40189
gumgum
cs.admanmedia.com/sync/ Frame 27F0 		0
0
usersync
usersync.gumgum.com/ Frame E14D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y35FTk47-C13IzGVNooSSQAA%264784
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y35FTk47-C13IzGVNooSSQAA%264784
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76eb28ec5a12eeaa-AKL
content-length
0
date
Wed, 23 Nov 2022 16:07:48 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y35FTk47-C13IzGVNooSSQAA%264784
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQjZIVQStWLeIcExZTdVZk6I4Wn9lYS2iU7j70ElXvXmUFtJMbCaLL6IyDcR%2FSCTvJkz0SxE8jpZ0WyMBUd2ZaQE1RyxKZSV93sRE592i%2FcsoRHN%2F6kR9Ki4bXKNjQm60iN2ZiRwKzLmsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 1042
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=6PDj5x33kMd88fqpqjN7&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=6PDj5x33kMd88fqpqjN7&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 23 Nov 2022 16:07:49 GMT Wed, 23 Nov 2022 16:07:49 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=6PDj5x33kMd88fqpqjN7&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame F8A9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 16:07:48 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 23 Nov 2022 16:07:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
gen_204
pagead2.googlesyndication.com/pagead/ Frame F557 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1295197101147&version=m202209210101&ct=76&x=1&cor=1785422693768280600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F557 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqjZ9YtQyJ_vuDIU64hVTJeahJyXsJMhMyzYI1sfLBHeg_4oKt-P63HMq5VsnLc5ZTgVw1ADoOE55NWvO9Ssu4-LaeQ0rkG_pJenCmzWI_8eBEnF0laa9fHDKsdqkINe8_cj8&sai=AMfl-YQeztOzxcF5o9BJkxRylX6Wz0l38oYclfwMyuhvrAUIdbWRS4RP48dLgMRGrzXYg8FzzqdhtosL1JXuZKFidlKAyPHjXzrqkmgTERQVdkoWMOq_oclI65i2vpJygA&sig=Cg0ArKJSzJ1Zk38nZ-puEAE&cid=CAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw&id=lidar2&mcvt=1027&p=300,5,900,125&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669219663710&rpt=3093&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame C795 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2334647491242059714&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame C795
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=d66ddc2205&gdpr=0&gdpr_consent=
43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=d66ddc2205&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 23 Nov 2022 16:07:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=d66ddc2205&gdpr=0&gdpr_consent=
Connection
keep-alive
X-XSS-Protection
1; mode=block
/
rtb-csync.smartadserver.com/redir/ Frame C795
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3044baec-f06a-4a3d-a92c-367d92ef1a42&gdpr=0&gdpr_consent=
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3044baec-f06a-4a3d-a92c-367d92ef1a42&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3044baec-f06a-4a3d-a92c-367d92ef1a42&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
3.gif
id5-sync.com/c/102/3/7/ Frame C795
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOr3iViNvohfVkpITj1dwbB5R4fYfhFOPfqg77HQ&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=2334647491242059714&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOr3iViNvohfVkpITj1dwbB5R4fYfhFOPfqg77HQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/102/3/7/3.gif?puid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
0
0
/
rtb-csync.smartadserver.com/redir/ Frame C795
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 23 Nov 2022 16:07:47 GMT
Server
MT3 169 32252b7 master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 80B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1728215929861189&bg=!jY6ljsrNAAbvMpMzzzI7ACkAdvg8WhnLt1w9JUtQ_iIU1k0Sv9Nq0P92K3pmWzAK9qZLnrtUj2ilCAIAAAB3UgAAAApoAQcKAEwJ9Mx9SxCB6MZuEK1MsdF4Ovjf-tZMFdigPBWSsIahCz0ptZApxky0HHWVxyVo-sugyymue1XWznZetEtNfBts0xKZFX1mIrO6Con6mQK-KeLP56HmHlJ3I0h9I5tLvuBsGSoLRNO69Ah26PLUYKnzTbnhLxsttrIQMrls-KjtELlqbuoCwYFym8F_EVetNx-DhXI8Q9B-5wOI3Y89y-SHJx-qMtheKpE6fSWgNGjon0ezwFuoYs3XH82klIUqddrwWyDiS-0CVjmzZUe1tDkfMxfpmkrQwmhBgLEJqsDGapxfViLBUzo3lHemNZnAnrCH4DQZKT4xTAUsTqznPnLVjCQ58dWXh2xG3fDsM6T4W_OApwAs4_Pt-oPN621fwsyTlkDBbkDSzzWb5-75ykF7Q4FCdSOYUm9mqzN_k3q1swIKtw2TCzd4aOVfdF-wLKQiTgv6Jt_ScCRN2GN4mD34KFojnOsa9WcgkMWWwRl2Fceli7fAI50OFIYA40usSYsSDITfxkNQbfuNh7KGVGXpwm1D1jt-tiukZRcuBmQPFxmnE7c2KltYSMFLaVRrl3Ro92tKXHBstmWFcktcd1k8vFN9ZirG4eW1H8MErRb-W8TMgfOKbBNnubOAqH1lSInU2Ed14TUXqK9QuPSDxeT9jznY4gmfpqk5nkDtiEbC4vdyYQxfKPwkSdKNWiNJiaRCLNaYu6efv3Q3yMWKBUZKvC8ALGqUb9iSPSxtb3kgL82nukKrbDRxcxZpgX_20N_9ySfSo747mwX2GWV8Kd6orSHsJKOfbpeaX3FG_jEoye_W8FOrp3K3atgiMVghBJKWW2sCSLkBYbXKnP_DBYC7bQV8jcuvZR0xKhGBdHmwb1HpABm1PyYA85n-Pu8nhR-Rrk4O64um3mxxa5iDr1SJqzOYiBvcRvAI1ajb9Dj7Y0OxA5ZQUP5VXnITg22BPdfnqgeLK7Xlw-dRQVUaNX1_2XaoeOP0YfE-ug6bkjOyVTrshjw0hz36Gy8w_ZZ0nnSrAONY_8eCq8gnJDrA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 22FB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
44de01ec2e09eb464ebf0455bbfa1fe4fa58aae4a05b2b1e5898f5117d377edd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 19:56:49 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13736
Connection
keep-alive
Content-Length
10066
Expires
Wed, 23 Nov 2022 19:56:44 GMT
pixel.gif
px.moatads.com/ Frame F490 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669219666457&de=806985856119&cu=1669219666457&m=1356&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lh=44&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2857%3A2857%3A0%3A2867&aa=0&ad=112&cn=0&gk=112&gl=0&ik=112&ic=112&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=237&cd=197&ah=237&am=197&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3A8HYWuPumSUa87ydykYCOaQ&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=263895697&cs=0
Requested by
Host: 1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
URL: https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 23 Nov 2022 16:07:48 GMT
usync.js
eus.rubiconproject.com/ Frame 28ED 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
44de01ec2e09eb464ebf0455bbfa1fe4fa58aae4a05b2b1e5898f5117d377edd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 19:56:49 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13736
Connection
keep-alive
Content-Length
10066
Expires
Wed, 23 Nov 2022 19:56:44 GMT
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=FsznJLZHwEd6WysHSXumTiv6
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=FsznJLZHwEd6WysHSXumTiv6
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Wed, 23 Nov 2022 16:07:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=FsznJLZHwEd6WysHSXumTiv6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g63830ba942760084463&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g63830ba942760084463&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g63830ba942760084463&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cookie
cm.adform.net/ Frame FFD7
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7da...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
37.157.4.25 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36119%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
date
Wed, 23 Nov 2022 16:07:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
services
sync.technoratimedia.com/ Frame FFD7 		0
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.63.138 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
786242825
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
ImgSync
image8.pubmatic.com/AdServer/ Frame FFD7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004&rndcb=7254367400
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9747df56-993c-4d28-9abe-72fe131b0538&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/1e6dca26-90e0-42bc-9159-ecb88c61fd7f?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:50 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 23 Nov 2022 16:07:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=344553805385465363144
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=344553805385465363144
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=344553805385465363144
date
Wed, 23 Nov 2022 16:07:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=78f899bba62820a83072a8854f87a97a
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=78f899bba62820a83072a8854f87a97a
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=78f899bba62820a83072a8854f87a97a
x-kong-upstream-latency
9
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=a64c63cc-5350-4ced-a5ba-fe7181b64a13
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=a64c63cc-5350-4ced-a5ba-fe7181b64a13
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

date
Wed, 23 Nov 2022 16:07:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=a64c63cc-5350-4ced-a5ba-fe7181b64a13
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y35FTk47-C13IzGVNooSSQAA%264784
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y35FTk47-C13IzGVNooSSQAA%264784
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAugP0LJIcj%2BAbVCZ%2FIP4QnB6MrMwGYB3IMoDXNCS%2BBzSL8mqtIFQYpJOWb9TKqeRUMK6hUpB6FMMwtrIOzQhc6n3hCf556%2FcyxrCGDPFYJEziL3XsBsIes1GaUlIpNNOAYEZGlY6ogvkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y35FTk47-C13IzGVNooSSQAA%264784
cache-control
no-cache
cf-ray
76eb28f47af7eeaa-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=5234464901097473502
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&id=5234464901097473502
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
AN-X-Request-Uuid
0fe28937-ef2e-44ad-b0c5-4ae0055752bb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cs.minutemedia-prebid.com/cs?aid=21484&id=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redirectuser
ssp.disqus.com/ Frame FFD7
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYqWWh0dHBzOi8vY3Mu...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29929%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533...
0
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=yT5iDekcOTlE&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=yT5iDekcOTlE&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=yT5iDekcOTlE&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78f7f5b45c-7nhqz
expires
-1
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminu...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=cf143faab8684f0e8437b335c72e9ec0&ssp=minutemedia&bsw_param=1e6dca26-90e0-42bc-9159-ecb88c61fd7f&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=1e6dca26-90e0-42bc-9159-ecb88c61fd7f
0
0
minute_media
cs.admanmedia.com/sync/ Frame FFD7 		0
0
syncb
sync.bfmio.com/ Frame FFD7 		0
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=be99bee9-67e9-40d8-8234-58a674796738&gdpr=0
0
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=db591510-169a-4319-b91c-2cf6672336b4
0
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=c9e56cf9-dd31-4211-b4a7-d82b4faf16aa
0
0
us
sync.go.sonobi.com/ Frame FFD7 		0
0
3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame FFD7 		0
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
0
cs
cs.minutemedia-prebid.com/ Frame FFD7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A&gdpr=0&gdpr_consent=
0
0
/
ssc-cms.33across.com/ps/ Frame FFD7 		0
0
sync
ssbsync.smartadserver.com/api/ Frame FFD7 		0
0
6185b9cf4d72f7e454746134b8c78716.gif
cs.krushmedia.com/ Frame FFD7 		0
0
match
ads.betweendigital.com/ Frame FFD7 		0
0
sync
ads.servenobid.com/ Frame FFD7 		0
0
usync.html
eus.rubiconproject.com/ Frame 4A07
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 16:07:48 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 23 Nov 2022 16:07:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
19fc6daa3a926256
ads.us.e-planning.net/uspd/1/ Frame C301
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
872 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.139 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
12051058311f9d79859e916eb4e5a36b9be3fb0e0777361a353e54915c51f39d

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
872
content-type
text/html
date
Wed, 23 Nov 2022 16:07:48 GMT
expires
Wed, 23 Nov 2022 16:07:48 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-600

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Wed, 23 Nov 2022 16:07:48 GMT
location
/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-600
/
onetag-sys.com/usync/ Frame C7B3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
734d46a28ae5458c6b02ba376b0895008481eeb018a7daf651463be45f9c41c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1409
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
activeview
pagead2.googlesyndication.com/pcs/ Frame F490 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWHGcBixTPqudRY-S4D6WcVP6Wz8tqf1xItXI2kjMBWgx4tQeu5PBc6qGw1NOkx1gb9bRKljg-nj03suKaxBRJrYUD&sig=Cg0ArKJSzI4qw736w8saEAE&cid=CAASFeRoePN5S6G89oeLb_vgquYWLbwIlQ&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669219663701&rpt=3493&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 22FB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LATUAEEC-Z-4X8Y
  • https://ads.servenobid.com/sync?pid=323&uid=LATUAEEC-Z-4X8Y
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LATUAEEC-Z-4X8Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.212.146.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LATUAEEC-Z-4X8Y
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
cksync.php
contextual.media.net/ Frame 28ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LATUAEEC-Z-4X8Y
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LATUAEEC-Z-4X8Y
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LATUAEEC-Z-4X8Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 16:07:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 16:07:48 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LATUAEEC-Z-4X8Y
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
usync.js
eus.rubiconproject.com/ Frame F8A9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
44de01ec2e09eb464ebf0455bbfa1fe4fa58aae4a05b2b1e5898f5117d377edd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
content-encoding
gzip
last-modified
Tue, 22 Nov 2022 19:56:49 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13736
content-length
10066
expires
Wed, 23 Nov 2022 19:56:44 GMT
ad-s.css
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		1 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ad-s.css
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
2a6cad09468b70f58c8a3c0645f508612ec535ea5ec918036bc3f12d53a536b3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
8043E6881DBDSZQ8
ETag
"8403b199cd6d832d75430c3e993c5296"
x-amz-meta-info
inline html5 ForScript
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
277
x-amz-id-2
rb2HIpGaDOVjU9UxFj8RX0XHyaoWsZG3OipsVm689aYRFS9aaQXwfQa3rNAcx+G1Zev009H1qeY=
hype_generated_script.js
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/hype_generated_script.js?497
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
03a0c039fbeb263242214ffc9f0d4addcf263f266b6a13bb55f04d6e5098b6f2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
80470F7BFBMHT7DR
ETag
"73f1203f462c5808f970180064c0e13a"
x-amz-meta-info
main HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
8451
x-amz-id-2
JWCEcQC17o06ERgJRxtXXJKHf2lk9yhIjGp3nojaDutsPJb069rTHLDNE2Bb0s3nreL06iOO3/k=
match
c1.adform.net/serving/cookie/ Frame F746
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 23 Nov 2022 16:07:49 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 23 Nov 2022 16:07:49 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
/
onetag-sys.com/match/ Frame AC2E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:11 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 0622
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y35FVAAJ2yMnWQAW&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame A0B2
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xxc63tc0u19
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 23 Nov 2022 16:07:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
/
onetag-sys.com/match/ Frame 6C43
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IN5RliLYUpY72F7GJIxLlS_dVcs73V_EdY_78RwB
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 4733
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5234464901097473502&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame CB60
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 4248
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LZodSiUTDvuqukwqUEV-Yw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame CEB7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HUGpivJgRIZW38GiohQPJnRaSso
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 60C9 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:49 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame 12EC 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.115.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Wed, 23 Nov 2022 16:07:49 GMT
cm
ipac.ctnsnet.com/int/ Frame EB4D 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 23 Nov 2022 16:07:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
/
onetag-sys.com/match/ Frame C5CA
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f074879f22834367be40cd8f848a9b6c
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame FE08
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SLD7gVEY1OXShS5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
sync.targeting.unrulymedia.com/csync/ Frame 4E6D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2771d978-21e3-48e5-91c1-186eef521a7a-004&rndcb=7051712687
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6983446747434331023&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/1e6dca26-90e0-42bc-9159-ecb88c61fd7f?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
43
date
Wed, 23 Nov 2022 16:07:50 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 23 Nov 2022 16:07:50 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-2771d978-21e3-48e5-91c1-186eef521a7a-004
pragma
no-cache
bridge
cm.adgrx.com/ Frame B75B 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Wed, 23 Nov 2022 16:07:49 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
/
csync.loopme.me/ Frame 8283 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 -, , ASN (),
Reverse DNS
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
server
_
cookiesync
core.iprom.net/ Frame 0C23 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 23 Nov 2022 16:07:49 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-a899d35c57a9@version_1.531
X-core-time
1ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 4C6E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76eb28f3bd531c5f-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76eb28f21cb11c5f-AKL
content-type
text/html
date
Wed, 23 Nov 2022 16:07:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
362
141
match.deepintent.com/usersync/ Frame B0A6 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Wed, 23 Nov 2022 16:07:48 GMT
server
b
cksync.php
contextual.media.net/ Frame F523 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3122212667444262000V10&type=pba&refUrl=&vid=92196667583122212667444262000V10&ovsid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Wed, 23 Nov 2022 16:07:48 GMT
expires
Wed, 23 Nov 2022 16:07:48 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6EB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LxuR7vBRT1W4S265NGNOxA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132507
accept-ranges
bytes
content-length
5549
expires
Fri, 25 Nov 2022 04:56:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rcs
tags.rd.linksynergy.com/ Frame 6EB9
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9c6b179799f3529ba134cfec121cab273d999db9050a74bdce13b35e7b6c3650791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5YzZiMTc5Nzk5ZjM1MjliYTEzNGNmZWMxMjFjYWIyNzNkOTk5ZGI5MDUwYTc0YmRjZTEzYjM1ZTdiNmMzNjUwNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5YzZiMTc5Nzk5ZjM1MjliYTEzNGNmZWMxMjFjYWIyNzNkOTk5ZGI5MDUwYTc0YmRjZTEzYjM1ZTdiNmMzNjUwNzkxNDI2YjU0MTdkY2UyMRAAGgwI1Yr5mwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 6EB9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=53b9637e-454e-4300-b051-7df97098549b
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=53b9637e-454e-4300-b051-7df97098549b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
MT3 169 32252b7 master nrt-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=53b9637e-454e-4300-b051-7df97098549b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:47 GMT
/
onetag-sys.com/match/ Frame 6EB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkYxQjkxRUUtRjA1MS00RjU1LUI4NEItNkVCOTM0NjM0RUM0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
date
Wed, 23 Nov 2022 16:07:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 6EB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDsMYkk_0PYmL8L_urcXJ6I&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
date
Wed, 23 Nov 2022 16:07:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
ImgSync
image8.pubmatic.com/AdServer/ Frame 6EB9
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DB3ED47D56E04D00A9BDFECFD5ED10D8
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
2F1B91EE-F051-4F55-B84B-6EB934634EC4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6EB9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2F1B91EE-F051-4F55-B84B-6EB934634EC4?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.36.190 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
/
onetag-sys.com/match/ Frame 6EB9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4
date
Wed, 23 Nov 2022 16:07:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 6EB9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w8AeXglE2uWelxPkeSR26GXsRHMjFWQ-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w8AeXglE2uWelxPkeSR26GXsRHMjFWQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w8AeXglE2uWelxPkeSR26GXsRHMjFWQ-~A&gdpr=0&gdpr_consent=
date
Wed, 23 Nov 2022 16:07:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 6EB9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7525670766553854172
42 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7525670766553854172
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7525670766553854172
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
pool.admedo.com/ Frame 6EB9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e6dca26-90e0-42bc-9159-ecb88c61fd7f
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6EB9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4488901378171304141&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4488901378171304141&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4488901378171304141&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6EB9 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6EB9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5234464901097473502
0
0
pixel
cm.g.doubleclick.net/ Frame C7B3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-0wwPF54ebHVHPUo8V9eXfkXaJ2jxJg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-0wwPF54ebHVHPUo8V9eXfkXaJ2jxJg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhKU-0wwPF54ebHVHPUo8V9eXfkXaJ2jxJg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame C7B3 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ecm3
s.amazon-adsystem.com/ Frame C7B3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iOOuN-pkT_tvgcv-PhJqTudmxbom6rMxNH4up8hLlaw
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iOOuN-pkT_tvgcv-PhJqTudmxbom6rMxNH4up8hLlaw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RY6716KJFFTC1Y7VMPVA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iOOuN-pkT_tvgcv-PhJqTudmxbom6rMxNH4up8hLlaw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
x.bidswitch.net/ Frame C7B3 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame C7B3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 23 Nov 2022 16:07:48 GMT
Server
MT3 169 32252b7 master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=53b9637e-454e-4300-b051-7df97098549b&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 16:07:47 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C7B3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame C7B3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5234464901097473502
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5234464901097473502
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:48 GMT
AN-X-Request-Uuid
27a341c3-8cd7-4071-b98d-f5fffc327694
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C7B3 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=sRHVUF5qnm7oHhs6YEJwXTCzfpL_E22jS_BGRvb9k9g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame C7B3 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame C7B3 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
content-length
0
/
onetag-sys.com/match/ Frame C7B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGpdnallpgCwXWQJ4ZMnZhM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame C7B3 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame C7B3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=afa73f1e-2282-4722-ab92-69e030e1dce8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
cs
cs.minutemedia-prebid.com/ Frame C7B3 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=sRHVUF5qnm7oHhs6YEJwXTCzfpL_E22jS_BGRvb9k9g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://onetag-sys.com/
date
Wed, 23 Nov 2022 16:07:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=1499&cid=692626968.1669219663&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669219663&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&dt=%E9%AD%94%E7%8D%B8%E8%87%BA%E7%81%A3%E9%A6%96%E6%88%B0%E7%B2%BE%E5%BD%A9%E5%A5%AA%E5%8B%9D%EF%BC%81%E3%80%80%E5%A8%81%E5%BB%89%E3%80%8C%E5%97%9A%E5%91%BC%E3%80%8D%E8%A2%AB%E7%90%83%E8%BF%B7%E5%AB%8C%E7%88%86%EF%BC%9A%E6%8F%9B%E4%BA%BA%E4%B8%BB%E6%8C%81%E5%A6%82%E4%BD%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4A07 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
44de01ec2e09eb464ebf0455bbfa1fe4fa58aae4a05b2b1e5898f5117d377edd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:48 GMT
content-encoding
gzip
last-modified
Tue, 22 Nov 2022 19:56:49 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13736
content-length
10066
expires
Wed, 23 Nov 2022 19:56:44 GMT
usersync
usersync.gumgum.com/ Frame F8A9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LATUAEEC-Z-4X8Y
  • https://usersync.gumgum.com/usersync?b=mag&i=LATUAEEC-Z-4X8Y
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LATUAEEC-Z-4X8Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LATUAEEC-Z-4X8Y
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
HYPE-664.full.min.js
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/HYPE-664.full.min.js
Requested by
Host: s3-ap-southeast-2.amazonaws.com
URL: https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/hype_generated_script.js?497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
89c75549ec37405096a983599087bad612e0b0b109e81f1ed33bbe3e38ff5524

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
804AB78R04XPH8PP
ETag
"7d5ba1b9c9885006b1b59cd93626333b"
x-amz-meta-info
HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
39629
x-amz-id-2
ITWpIXHG48LcySD9HZS/I1n18OomQxi8hYpdyyOlRjOUbEZkHrTXYk0VN6yMg6++9eLdjC9WisE=
pixel.gif
px.moatads.com/ Frame F490 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669219666457&de=806985856119&cu=1669219666457&m=2363&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=1730&lg=1&lh=44&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2857%3A2857%3A4552%3A2867&aa=1&ad=1119&cn=112&gn=1&gk=1119&gl=112&ik=1119&ic=1119&ez=1&co=1119&cp=1265&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1265&cd=237&ah=1265&am=237&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3A8HYWuPumSUa87ydykYCOaQ&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=209130713&cs=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 23 Nov 2022 16:07:48 GMT
cs
cs.minutemedia-prebid.com/ Frame 4A07
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LATUAEEC-Z-4X8Y
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LATUAEEC-Z-4X8Y
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LATUAEEC-Z-4X8Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
3.215.164.221 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://eus.rubiconproject.com/
date
Wed, 23 Nov 2022 16:07:50 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LATUAEEC-Z-4X8Y
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A2D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3376092955589538&bg=!7e6l7qrNAAbvMpMzzzI7ACkAdvg8WnzKUXpGWpRpMGRShpb3ydRq27H-Twg5fFNVwoNj-XywAY7E7AIAAAFyUgAAAAJoAQcKAIp4bzy1oLvny3qU8s_0PYo_omK1ov6OloX1-iMfbgGrF_VhkGHu0frMX_v5pUtIbbVFtARXoLTPBRbKlBZ8jqxmyr9tMG8TGi6dW1ASIqiEfPMTbpEzWGxO66LE7BbZDQs7IWnMCr3XjBhZlK63-_AF9KCSTpnI7UU9mpxw57eidn7AKpKHfeV49c6ZAswmK9ySmwnITlFXueZobJ_mIZyPg6Y_IdJNsOqpQbsggd36ftBXOPiskDi-nwvWXH3EPRMp4WHVEVgAm_ULzOopf4lE1eZroMODN8K1ILksFgs7NgnjQzzKRY__mOwWRLGGvE__7dWq6ey-o59Mbnsp-oO7PBMqxkCAivyJ4cmotV9khPAoorkz4LuRNFPKzV0r4ysvZl8At8m3KxO_WlvN5HVY96AS72XibWya6wIm4G4syexOg3ohqEz02-cuPFr8yokLq51jSbPdldulQmIAVonq86AStKuVWHlZAwIaAaGl420wOy1peXd12_BT636WUlpnCV4OfCkvWxzPHH0N-e6y94rtKi0djBrrzNTCxcG5BOJpbt3v40lDwWNl9mlFn8V1wMqL_cIU6vU1HNmT-vxj6p9UrR6ze75z7RoZdHxGJ3K-_aecO_eeMWdBRQLjHViqnooiAIAmw4Zrlpt-NWokebxga2_F9eQDRy9ptFu8gWZ6AaT2unzi-MCEebttID_I49HL5egjwL4RCkvmCD8C8DxaTbnpBNlhB7zgEEBS1FeZSFxj4l4tx6NtZJ9_hGtU79CwuHFdD3q6-9ndno-IFWkI5SwE8N-32tkXSv32CwH-r7mHRVTe9y-coXvYkkMMGKM6mDSiFRgYlzjmnEw1phjfaiPp-rWzW5xY0j7XipWZK9wlfLTgQIiPjUEAt52B0f-JEVatZWm0DP84mYh8b-17B4CDJshn2yAhyxYIh1XjKj5lDWIu8jHIJ1eaq2MOZtZ0eqYyuIXxUoOulM0MxpwNU8k5hcpudf36VMvZOM9Kw6SaH9It-gME9k50LhrC0po-CgBtEsB4RxjjDyDVMqMDxrOyoAy5yVh_d_Z5O0NWzz0joE4Su5ZsYKCyTiI8x1CnLmTVvf9GJ50VwCxVlVvRlHCdxiwZRXhfZjuQ9_LfNDu5fFjC7Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B400 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3787270395849209&bg=!PD-lP3vNAAbvMpMzzzI7ACkAdvg8WgUTjlS6GTFuY05AixabU213S5BgGdXe8F0p0cRz28oPMXrBHwIAAAFiUgAAAANoAQcKAIrGdXOngobu3n7wk4X8nzjeiOR9RWYDxTGjrNAX-TKcRKgI4gi3WdDKHYIriBxIGlnyQ1OEfb3a-npO56pxsLcl_IwWKuQTIw9wJVZZvDAT-tNGTXhSMg7kOvpe_Mx_nkjjaubaSjzVOcg-wnBqap8_W9go0hvwm53gk1ibBBoomNd-rvxccjrWhZeZArWxC-zeppIhcf3_sH72tKg0UyfQhZJqBtS5TVauLGDkAvtsQa77o-W29noiHwqPLKfkk7EicWlX6RhiVpJjhzZplVoaJ6Vpoce9rT-ib7wFJHck5Asf4I9TdIH9xWmIo4kIasFLXbh-2BkDoM6lhCB5Rx1grR2KeGVqpEdh_GdWRqYxMNZshd9mjjVlqgcwJAOrF1krZxlCe7cqkaH7Ennbf98FBiOOaPMq2nKUb4UTa1hjPq8InAKt2YGYpbY4o-nTI2czdzWmbedcs2juoCdgoMZtDyWxOKAyXsnRt_xsLmtsjSDd-g1XlajYLA4DYwrt3c0tqUxNpkftF8cgxam9pM8eu-PS9CWklpRlzNDdXbG4d404gOaWVBvh212FjTE5Lkj1FMC44CVSsueHHrPvvosMRgydMa8LZKpZKYdEd6jIpLsNdo4X-JofoudQxxZiybINKO2JFDnTEl6bA7kso0MsE6c60b5dg1LQUBYhYJpwMr-cjHLbdVfM0vK-Wwo_HH6BJq6uLyWjxLLxj3iKEkTCjZ3EyoPR0TG6JRdjMLfJcjxnzUnYsGS26DRTmGfIB9jnrhMlIi-7Vh82RSaUsQ6TWfe3ujrqJAAwBpe8xrAFhXsyO3uNjgsC640xZX7UDDbvMm2dSR411YDOGgxksKS4nrtMfLK-vLrFSY3bB0sRWezBoXLbsOVB0oJxR7WxhA9KHxPuAXZwMdWrh20ZatLlMET4WwgUPgxKCmVvGf8XpwbX_fHHZ10H-kTIvPF3MYFLm-anjXEVnkPmynt03ZMQGxk5RJsbb4aXjSiyzcbpz1TAvqKD12AU41mxYwKj4_CANGfDGEnXYq_Jjjx7h2Wg-03e7EEc8xkNbCPOJY422L5WTcPCVDjuo-zvYZyTr3gzfkO_ngxDjQJDPQDjqOV_aQg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F6AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2806712281034857&bg=!VValVhLNAAbvMpMzzzI7ACkAdvg8WjGtPSRLYlLWeb3oC5tjXV5C3nQv5UqF5svG-a3a2jdJzO7BogIAAAFFUgAAAANoAQcKAJKgZb9Mm-rDLJDI5jZN6zI62EceTwLo5Eiw_PQ0vtt8hlKS4vPpOeLr6s-271hmseaRBuxyTVT6EpqUdjxNTZcbfdDGsXAreBai3VJEsFgcvNfQsuwIAJch9I1yTzvIDYvgdZ5BLsu9cMyrRZp-8BOpcwlfJlk1T2tJ5ekbTixsGIEadx1PwW1RBkKRD_Xd658lTZkC96Cl9LSwUaOUMu1Ln3jyRQdxBio0H0dbqWsVISaH-r8NDEmpq339Zvt0_2vTnPhqPO_m0cqekXswWGKL2lPD5s9vr4J8shJZyM7K5eM6M2S8u0H97b5FJYJviiXufcls8MvEwuQ4rq-3kta4Rjpk-tfJlvvb0kZf-TDGxnk5cXzrvaeViN75A2yV_AbxSyhckccCsK7tv3A1QYt0_hvDO3FVwQCtRf_G7n8xLpbLbM80o49zOovJzCBOZdwa_B2QTf91G4W42_1bwpCrFjcps3aCDh8xn_JNN_L2G_hPVqTEuqeZsDULpiGmHcJzaGPSlVuBSsnYKMWYw6mYk6zY5IQ4EOCm04jOYws8DI_iQKHoek49dR3yEU0zYVFz0l29m8ZCE0pEBqUc3GkZg7gbsBjVQCvPH8xHBDW8Fl2b4Wx0KvwbrW_HDnuVjq9ATiIwBZnt29PGvGzk37bHGUXoqz8C9fVgUK2xHI--jP4DXvojJh6D3ohYm6n9K1p_MVXmigbvP-pxyiV0bSSDZecear51MXjDmx-30-9TR5AK8tqjPM6xmwygXN76jEZn1bzOcPqli9QHH3e6_eGhcpwICCHwluDI54N88rIxP1v2tLd79h7Q0-4v2MVi459Tnrr0wIqLgCfnResS4L8Me_CEzz-W8VyM2Nfe-aliyWX8SPfGsPxOfcv3AjN4U-gV_b9SBpSiRrYZd9kca1odMHsuk-vfv7sP0PzzkFej-K8-QZRxzNv8Qf-5STmFddVXYfNehOjnVamMdLBpPE5AO_rd0eBjSIZrWNS9B9GuLnYIJhvE1CMjQQZFh5Dw5I0CQG2fLbZNm7DhEa_x17Sw9f2VVrHhMLKMbgzIUrof9eZuLgnpuNesAKRIq2dXXZTsGzDMuATJ-QBejVcuzE388Jb_pYzY53PgEhTsVAzn1s9x1QvceDG46Fd_bvMxQIrMdCfHAKRedWK9szdbnM7zLL1_5Mv7JpuXejP6GYZO-8I-gJs9DRuoGGWR8g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
HYPE-664.waypoints.min.js
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/HYPE-664.waypoints.min.js
Requested by
Host: s3-ap-southeast-2.amazonaws.com
URL: https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/hype_generated_script.js?497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ffbe7900c0aac72ca80d9ec3b1e44090b1ca2b37f9f3faa8a0a321f3d546c63

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSWDGDAZ0B0XV81
ETag
"5daa49b11df8b1a9c1efbd8b5f5006af"
x-amz-meta-info
HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
3359
x-amz-id-2
9sFxXfLmfr2VBKOrQCL5Cj8VDwWipQhnCevqJu936sPztRQ99IRmznGVQvtJr+QN4Z2bBppEtus=
um
u-sin01.e-planning.net/ Frame C301
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D42561696ce1c6d21%26uid%3D%24%7BUID%7D
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=42561696ce1c6d21&uid=06cb0e07-955d-4050-b6ae-279340ee027b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=42561696ce1c6d21&uid=06cb0e07-955d-4050-b6ae-279340ee027b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Server
64.120.110.138 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Wed, 23 Nov 2022 16:07:50 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 16:07:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=42561696ce1c6d21&uid=06cb0e07-955d-4050-b6ae-279340ee027b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
kjgtkdhj3oaor4tgnb9bbgmpp5dcu0e9
ptag
a.audrte.com/ Frame C301 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.53.149 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7809ae817d441fe7c31cf6c1d74c2cea137d761a58dba2d0335ebd62475b5403

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1647
um
u-sin01.e-planning.net/ Frame C301
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D42561696ce1c6d21%26uid%3D%24UID
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=42561696ce1c6d21&uid=5234464901097473502
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=42561696ce1c6d21&uid=5234464901097473502
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Server
64.120.110.138 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Wed, 23 Nov 2022 16:07:50 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 16:07:49 GMT
AN-X-Request-Uuid
1bf46083-b882-4252-8b33-3c53278027cc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=42561696ce1c6d21&uid=5234464901097473502
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame C301 		478 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.242 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:49 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 16:07:49 GMT
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 7FBC 		0
0
pixel.gif
px.moatads.com/ Frame F490 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669219666457&de=806985856119&cu=1669219666457&m=2364&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=1730&lg=1&lh=44&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2857%3A2857%3A4552%3A2867&aa=1&ad=1119&cn=1119&gn=1&gk=1119&gl=1119&ik=1119&ic=1119&ez=1&co=1119&cp=1265&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1265&cd=1265&ah=1265&am=1265&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3A8HYWuPumSUa87ydykYCOaQ&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=1859818821&cs=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 23 Nov 2022 16:07:49 GMT
BG.png
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		464 KB
465 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/BG.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
4241ea327760166712f8b8d5db03c02d86aad9cecc8fb034ba23e58084d79041

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSJE60053WZGE5R
ETag
"b54aeef6cf7c57a5a997e5aa10a1900f"
x-amz-meta-info
resource files
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
475731
x-amz-id-2
3X9NwTtYQnkG/eW7GWjtbgknlZfH+Qu4cpLIPlKdh6e6UeEDKM+k7Od1hhjWBe7kyLNpAP4Qx/Y=
__Arrow-Button.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		880 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/__Arrow-Button.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
48a9560e9dddf4834139c3b4abd37300dfc9879ac686d3fba921a1488ee4dfe2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSMR9WEDT0343J5
ETag
"7fb04916458ddfc35012cb9c7eb0bf06"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
531
x-amz-id-2
yMeeUoQL6AvfeISUNpwG8vXqu5OvG1nn1VZZJ827svoFQ+sGiACj4KQltDhNrgIO3gORpU4bajM=
10330%20-%20left%20Arrow.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		462 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10330%20-%20left%20Arrow.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
95e68c47129d6385026c1d1023eb3ebc673b14c04e2ba231b50ca92c64394ebc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSMDD9TM66NGCHW
ETag
"4f2fb388c2b2c0c93ff33a646a2fc6e7"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
300
x-amz-id-2
cZ/dxe+yrK1MEjfy4YI4kPxRv7VIqIFUB8oTU8DBOJADMSeoPx5Ny2TgBclxbasZmDLYIh2YJpE=
10330%20-%20T%27s%20%26%20C%27s.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10330%20-%20T%27s%20%26%20C%27s.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5d19578ce8569d6e11f49de6a368c1d50127789c74ed6a22ec2e729603c83d89

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSNDXH19XBS2SK5
ETag
"4a8755e9915ec3eac683790b96c7e967"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1693
x-amz-id-2
XieiUYpP7zHXBL0E6h3QFpFZxuH4QrUNUoOLMp3m5MD2VgjeEepzTcWOV1/YmDnBep7/YGEDUXk=
10330%20-%20Price%20Tab.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		276 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10330%20-%20Price%20Tab.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5324356e31a6d74709d8bf8d391935177832384e730b5f750e0e8e64a4aa687

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSRNS3PXRHW7SHK
ETag
"528253923f45ac7e23df9dcbedb39eb9"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
199
x-amz-id-2
zzjSKjc4ABzHz1dGQEHrd07o7MaZnHQRz/WzFj3aYj7+lEyA3DsPtDVQpShUGVUqDV4bhmxCQSw=
1Logo-V21.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/1Logo-V21.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
eb4f52fc122c0242eef6f384c14dc3276cdf50c7b44493d37217a9d215e851a9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSNFF0Y7R3ESD80
ETag
"88cab12993a9501e3835e2e864907b68"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1115
x-amz-id-2
OrWUe7CoOAsJi72ybC+Q5TH2atskSJvVWiU/a5NRjlrd3SMK3xkakbks0KMOD/aGVmaurlYC8Co=
10397%20-%20300x250%20BG.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		268 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10397%20-%20300x250%20BG.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6fb356dfd35ec78b65317c8714faf5c01233ad66ba4ff38b29c5ffbd09f56817

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSKFAA0DQT7H9Q8
ETag
"d367a3fd6ba903a068130e29bdff294f"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
195
x-amz-id-2
7DgUnQ/XZuHmG4dkox1X5P0QJ3O1VgdbTTex6oKrzLfo8qQJNqEVdU+46B5E2A4QMXvbMhhssU8=
10397%20-%20Logo.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10397%20-%20Logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c514ff2c0620e171a036dd0c73b943110a86e54dd155b968d279e2aef9009a84

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSN12S36RZ8X1PS
ETag
"ac857d697b7514af617d45a98e34eaa4"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1031
x-amz-id-2
dwVtwE6AdOIsre7s11j8/qtYdy01dYpyUOFgp6ohn04JqDj//PJgvJu4q4IBKB+q06tvnz4lF2M=
1Logo-tagline-V21.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/1Logo-tagline-V21.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3ad3e06e306529fa8b95980be3e7dd1f44ba6d1cfe604513fd83b7056eddf727

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSK98J3DY7PMZSB
ETag
"f52b0e0304f7116922de87f47797c37f"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1716
x-amz-id-2
LUN+ZTMpEoA+wXOXcJ2XF7YAMBJYXPM9q6Hw84xswo+La2KgZ31g1WlZHN4TSuuKIhdU0ckOwag=
10397%20-%20Arrow.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		355 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10397%20-%20Arrow.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
59f73c2a7b531c662a9bf3dde2ec64ce25120467f81ac11a53db9e758fe26f6f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGST4DM8F87T8211
ETag
"36c8f9731ac58cf894efe82be86c0b12"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
234
x-amz-id-2
srGXJHf2OaPcMZwPsBKH8rrzlfm4JZlLI5RM374uPzp3V9c8VrT7pfxIZA6snPJdnTb/fZWuOZ8=
pixel.gif
px.moatads.com/ Frame F490 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVjuwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669219666457&de=806985856119&cu=1669219666457&m=2365&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=1730&lg=1&lh=44&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2857%3A2857%3A4552%3A2867&aa=1&ad=1119&cn=1119&gn=1&gk=1119&gl=1119&ik=1119&ic=1119&ez=1&co=1119&cp=1265&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1265&cd=1265&ah=1265&am=1265&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3A8HYWuPumSUa87ydykYCOaQ&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=1032802598&cs=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 23 Nov 2022 16:07:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 23 Nov 2022 16:07:49 GMT
10397%20-%20Logo.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10397%20-%20Logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c514ff2c0620e171a036dd0c73b943110a86e54dd155b968d279e2aef9009a84

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSM85DXJWK5466R
ETag
"ac857d697b7514af617d45a98e34eaa4"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1031
x-amz-id-2
6qYmGGLnn7VbGITfKU6bcsb6G0yu3uF4WJgVdmjI9g6xe1c9pH7yccgdaBDaqH4i5bibMBD1Gnc=
free-delivery-display-560x270.jpg
s3-ap-southeast-2.amazonaws.com/adtrek/69c8ac60-2998-4915-9900-20460fa9b1ca/d08ff667-0e48-4c40-9ef3-d6427e2ba7de/ Frame EAA9 		58 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/69c8ac60-2998-4915-9900-20460fa9b1ca/d08ff667-0e48-4c40-9ef3-d6427e2ba7de/free-delivery-display-560x270.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
71c90c4754e4d1d2be5e0627027a46931baf4a7e5dd5e504a11c0bd8681d5a0d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jun 2022 23:22:24 GMT
Server
AmazonS3
x-amz-request-id
NGSZZXJM7CESYRTE
ETag
"d0e304181f18834adb5d5e162a68ab6b"
x-amz-meta-info
feed-image
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
46969
x-amz-id-2
civQyFwPRLwTOhndtWKOIiI+21CLJWQVibblS83eoi6LfPqbsHOjeQxRceZP1As/kqD6PIjvtD0=
10330%20-%20Price%20Tab.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		276 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10330%20-%20Price%20Tab.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5324356e31a6d74709d8bf8d391935177832384e730b5f750e0e8e64a4aa687

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSR66M98J9EGF3K
ETag
"528253923f45ac7e23df9dcbedb39eb9"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
199
x-amz-id-2
psrEVCsKrzeXcGWUWAtMy1cFe8kZKo9nAdPckNQxMYqF/+1Nlco6gSfG/xo7mQmcoJbXYCe30/w=
350102-prod-1.jpg
s3-ap-southeast-2.amazonaws.com/adtrek/971ed134-cb45-47be-886f-250aaa10e28e/f2f8938c-64f1-4511-ab33-b2d243aab33f/ Frame EAA9 		17 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/971ed134-cb45-47be-886f-250aaa10e28e/f2f8938c-64f1-4511-ab33-b2d243aab33f/350102-prod-1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5477d8ca5eff9fb6dffb92766a3166e47cbc7d94935fc116576c676da0412193

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 11:25:28 GMT
Server
AmazonS3
x-amz-request-id
NGSHF7ZX6QTB514B
ETag
"f404e54aadb2bf0d6cd0d1ececde6100"
x-amz-meta-info
feed-image
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
16304
x-amz-id-2
+/gTdSAFe3yWWIddYDx5e4BvkONQ5FfU3FYJGkrGRmN6m2jjn3n33YJfgIUfqIce1hn4Q9e2HM8=
10397%20-%20300x250%20BG.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		268 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10397%20-%20300x250%20BG.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6fb356dfd35ec78b65317c8714faf5c01233ad66ba4ff38b29c5ffbd09f56817

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSY7Q65Y5SBFSVJ
ETag
"d367a3fd6ba903a068130e29bdff294f"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
195
x-amz-id-2
244Qp3cnepk7QT4DpO8YSzVkOwLEeaNqcs3bQygEnl5S7UCZmvG3y3iPWYgb/bHolqgEuQDrPuc=
1Logo-tagline-V21.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/1Logo-tagline-V21.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3ad3e06e306529fa8b95980be3e7dd1f44ba6d1cfe604513fd83b7056eddf727

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
NGSG5KGT48Q8GC21
ETag
"f52b0e0304f7116922de87f47797c37f"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1716
x-amz-id-2
2hRLuRQ6tzqW3w/X6qhtAdJjX2md52KMd6m5Gr3bpNvF+LcZyN148uViVTsRejQ5KWmFeC89xoQ=
10397%20-%20Arrow.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		355 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10397%20-%20Arrow.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
59f73c2a7b531c662a9bf3dde2ec64ce25120467f81ac11a53db9e758fe26f6f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
PKBHQJNYMCE84GZ7
ETag
"36c8f9731ac58cf894efe82be86c0b12"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
234
x-amz-id-2
pzD84khGRs8MGnGDAu78mb9LoOSgnysE7YX8RlxaA8syrbxgnymDPnpDsLcTKlwS63r7SMs/Hdg=
10330%20-%20T%27s%20%26%20C%27s.svg
s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ Frame EAA9 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/10330%20-%20T%27s%20%26%20C%27s.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.19 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5d19578ce8569d6e11f49de6a368c1d50127789c74ed6a22ec2e729603c83d89

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 02:20:14 GMT
Server
AmazonS3
x-amz-request-id
PKBJ34EQZF5RZ4PB
ETag
"4a8755e9915ec3eac683790b96c7e967"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1693
x-amz-id-2
mAnduQgE3rF+KOZ3SU6xwYj3i/XTLNqvI6gtJSGzxCgsck6h0ph7wFKIdvS7UAXMGR5q9HavZTA=
Kanit-Bold.ttf
www.adtrek.co/content/webkits/Kanit/ Frame EAA9 		169 KB
169 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/content/webkits/Kanit/Kanit-Bold.ttf
Requested by
Host: s3-ap-southeast-2.amazonaws.com
URL: https://s3-ap-southeast-2.amazonaws.com/adtrek/5d2b69a0-9f47-41c8-82da-92b27c2f871e/ad-s.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.31.162 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-31-162.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
75d6293d3b3b235995b241146df53aeb2b9c5105cf70bc77ba83ba8fcc642eb5

Request headers

Referer
https://s3-ap-southeast-2.amazonaws.com/
Origin
https://www.adtrek.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:41 GMT
Last-Modified
Tue, 30 Nov 2021 19:16:30 GMT
Server
Microsoft-IIS/8.5
ETag
"0fb6dc71ee6d71:0"
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
172876
AstLd
www.adtrek.co/adserver/ Frame EAA9 		16 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/adserver/AstLd?cc=c7614e22-e63f-4894-8505-f9be4aae4495
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.31.162 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-31-162.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/adserver/frm?cc=c7614e22-e63f-4894-8505-f9be4aae4495&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCDieOT0V-Y5arAvrg3LUPyJqPwAyYypO0bYqe4b2GEM3Vw_zQKhABILqEwDNgq-yxheAYoAHg1LKeKMgBCakCChQUnvmzpD6oAwGqBNgBT9AZlTqnn_gcE6diIgrLkBIj4s_a-NKgc5eUdxWbIZraDF5yDzqAqEaDHg5Q92WqMr5Cq3vDI3EU_x_kTwCxoHQNt02Z-ROKA8ADZ93IHXHs7ALTpl1ZKHPvtSCGDN3LB7E8zo01magv0Hvx-RjzJdAwDasYyU921xAjK2ROqNdBOfQMxkjUDYIv8ISR9QgXNOZIr74gScn5OhQbCGJOEPwGoFCvHBhD77I1PKjX-g6Wz_nEDoveJ1RBhIn9vauylo5Qla50IjNw4-ppTcy4kU583qfGk8j6wASUjMXl5gPgBAOQBgGgBk2AB-CMg_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT1Y2cEcgTw_Dn3gPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9WBJCa9r_pl3nxqS_3VlaR715wEM5JEnjXFeImnCnV0OvbIddPTzFYnt-cLIwnQgODnpf9_t8GAEgEw%26sig%3DAOD64_0yw-WzLUdf2w937x0oMlVTjg0JtA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-D-QkWpnUZasfZgqwf89nigGZmWat_smw5Lj3ac4f93qia2UY5N71e5l8ATIzJLFahlxCezzFJDeJFfA_m2mJ0Qu7i7rzKwATgN321u7ZH1t0UZQswvFONCUxYpP6WOXNjv54tZvC-B7-UJZSKirZL1ANENwJ9gpwv3SQjTvR0YHTANSI4%26cry%3D1%26dbm_d%3DAKAmf-ByaShiCLBNC_N6rhmMq3kyJbOKP9wFJemEeMtx_jlEeHmhJJaFDGVTNNF4G1fw-HYeDtgvCfIHt-a8UR03An0a5mDbLBjIz6DKDtKlR49sJqU912w5oFfOaMlsxj1iuJAPb2Y6VkeglvaKe5CTBV-F8UD1PIH04FWIiJC9US7iRQkvJJqwYK5zXW8d5R-I1sofKCLpwY4d3Qvyt-65JwhN1XpLpEAipj-84I2x_7BVGS9qNXCWKHYuXll5v0gLa1M3PyK1waoRsbhj8zg6QuVlJcw-C3lXHZWSEXbfcNzd2F8PfqAiDffg_fBIgfQuX1eXTr9Y_oBFjvC4Fr3vcASy3RqZ_9VibuAvswwpzRlRSdObwp0i0PSHbQWN84YAgHy4l1Ds16o17_Hx1v2oLOk5D568vQ5eBQu4DW3FyUprnWk-TPJpTwkw279U1QUgzfl_9AZIrwPZ6mp29nL7Q8JC_PpnF-lJ6IlWHLYCdj1y8vpsgxZzDsju5twATFjzIKvEYHd3evJBiTwzUhOAQ7La6tdzBqhVkNmCEFwW6icj2sDerjQ1fHq0cz4ygM7NSRZX8qPT3Of0ym1Qq9BCZBm-0gf8uBfUlCHcJzgZ1j0Y_z8h8A-uwmVmAYqLyD7_viXrvN4d6rTnh2twHy8rHVAT9DWiyCZ4ro0TZXRz8ePiVP8vGvs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3dc7614e22-e63f-4894-8505-f9be4aae4495&ord=1669219663038294
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 16:07:47 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
16
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 8FA4 		636 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.242 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 16:07:50 GMT
etag
W/"601b131c-27c"
expires
Mon, 22 Nov 2027 16:07:50 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
cs
cs.minutemedia-prebid.com/ Frame AD67 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 6EB9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3122212667444262000V10%26type%3Dpba%26refUrl%3D%26vid%3D92196667583122212667444262000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:07:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522942008238135447&ssp=gumgum2&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=vnt&i=950ebf06-b944-403e-aa1f-085ba9d8d2f5
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
id5-sync.com
URL
https://id5-sync.com/c/102/3/7/3.gif?puid=53b9637e-454e-4300-b051-7df97098549b&gdpr=0&gdpr_consent=
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29929%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D7ea63533-f956-4845-983d-1702dc7dae4e%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlxV1doMGRIQnpPaTh2WTNNdWJXbHVkWFJsYldWa2FXRXRjSEpsWW1sa0xtTnZiUzlqY3o5aGFXUTlNakUwT1RVbWFXUTlkV0V0TUdNMVlUYzVPREF0WVRreU55MHpaVEkwTFdGa1lUTXRaR1V3TURGbFlUSmxNRGcyTWdJR0REZ0ImYnV5ZXJ1aWQ9%26uid%3D%24UID
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=1e6dca26-90e0-42bc-9159-ecb88c61fd7f
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/syncb?pid=186
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=be99bee9-67e9-40d8-8234-58a674796738&gdpr=0
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=db591510-169a-4319-b91c-2cf6672336b4
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=c9e56cf9-dd31-4211-b4a7-d82b4faf16aa
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=2F1B91EE-F051-4F55-B84B-6EB934634EC4
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-pmeeofNE2uHwGBSz8exrFiT4RCLZdmQ_hrefNnA-~A&gdpr=0&gdpr_consent=
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=348&uid=X61fxXZak_mm
Domain
tags.rd.linksynergy.com
URL
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e6dca26-90e0-42bc-9159-ecb88c61fd7f
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2F1B91EE-F051-4F55-B84B-6EB934634EC4&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5234464901097473502
Domain
i.e-planning.net
URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21506&id=APs7aB9Ucnayv3v9

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| adpushup object| ucfad_async object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias number| ampAdSlotIdCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| _qevents object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries undefined| google_measure_js_timing object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo function| quantserve function| __qc object| ezt object| _qoptions boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

61 Cookies

Domain/Path Name / Value
s.c.appier.net/gcm2 Name: _lastau
Value: V-Yw
.3lift.com/sync Name: sync
Value: CgoIoQEQmpX7qcowCgoIgQIQmpX7qcowCgoI4gEQmpX7qcowCgoI5gEQmpX7qcowCgoIhwIQmpX7qcowCgkICRCalfupyjAKCQg6EJqV-6nKMAoKCIwCEJqV-6nKMAoJCF8QmpX7qcowCgkIHxCalfupyjA=
a.c.appier.net/gcm Name: _lastau
Value: V-Yw
.aralego.com/ Name: sspid
Value: 68f51386-dc42-344a-be53-ce4f52f4068c
www.bg3.co/ Name: __AP_SESSION__
Value: a2eaf26c-eb83-4bfb-9030-f91658226fba
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: f4473c80-6b48-11ed-a8b9-6045bd21b161
.adpushup.com/ Name: ap_usid
Value: f4473c81-6b48-11ed-a8b9-6045bd21b161
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: ecb9be91-8545-4c4e-87f4-2f6ea592f30b
.bg3.co/ Name: __gpi
Value: UID=00000b822098f461:T=1669219661:RT=1669219661:S=ALNI_MZjzNze2qVlHTI50_f5fZ0lquTYmg
.openx.net/ Name: i
Value: ecb9be91-8545-4c4e-87f4-2f6ea592f30b|1669219661
.doubleclick.net/ Name: IDE
Value: AHWqTUn4v_WymIpR7ZX-vWUmKHwqmEGq1BAjuPV8qRhN0kd8qys0GSIEodbdkmfDVRI
.omnitagjs.com/ Name: ayl_visitor
Value: 78f899bba62820a83072a8854f87a97a
.teads.tv/ Name: tt_viewer
Value: 66813733-3341-4fde-9f78-9e7004aa27fd
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwzor5mwY4AUABSAEQzor5mwYYAA..
.adnxs.com/ Name: uuid2
Value: 5234464901097473502
.rubiconproject.com/ Name: khaos
Value: LATUAEEC-Z-4X8Y
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ+059dnIIic3Xrd8oPN4aCbY1Lhp9WVJQCXPCzSDvyvS5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.quantserve.com/ Name: mc
Value: 637e454e-5852a-f9038-097cb
.bg3.co/ Name: __qca
Value: P0-1719831330-1669219661474
.casalemedia.com/ Name: CMID
Value: Y35FTk47-C13IzGVNooSSQAA
.casalemedia.com/ Name: CMPS
Value: 4784
.casalemedia.com/ Name: CMPRO
Value: 4784
.mathtag.com/ Name: uuid
Value: 53b9637e-454e-4300-b051-7df97098549b
.ladsp.com/ Name: cr
Value: 1
.r-ad.ne.jp/ Name: r_ad_token
Value: 51bG7h006BDAY008TJyl
.ladsp.com/ Name: smn_uid
Value: yAUHqoXX0W5LhNzlToYXPQ8cFLvgfog
.zemanta.com/ Name: zuid
Value: zq2xujy6wtN8OqpAFqWq
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1669219663.1.0.1669219663.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.692626968.1669219663
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2771d978-21e3-48e5-91c1-186eef521a7a-004%22%7D
.bg3.co/ Name: __gads
Value: ID=0db53c8c8f248e9f-22aaee2aa1d80056:T=1669219661:S=ALNI_MZQHxrslyMtraSccilg5elhe7M3AA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2771d978-21e3-48e5-91c1-186eef521a7a-004%22%7D
.c.appier.net/ Name: _auid
Value: LZodSiUTDvuqukwqUEV-Yw
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTrqHS$6!]tbPl1M>e)ZlrFUfJ+tGXxo3TevWiT%-_a8c'rj]0'-gZ._00Zsj#mX@r5w*bpRz*qF1`*b_'@)zFvR
.yahoo.com/ Name: A3
Value: d=AQABBFFFfmMCEMPumj8WEqu_Svd2QSrGW4sFEgEBAQGWf2OIYwAAAAAA_eMAAA&S=AQAAAk910uP-LmdYbbZFaUY1xyE
.bidswitch.net/ Name: tuuid
Value: 1e6dca26-90e0-42bc-9159-ecb88c61fd7f
.bidswitch.net/ Name: c
Value: 1669219665
.bidswitch.net/ Name: tuuid_lu
Value: 1669219665
.openx.net/ Name: pd
Value: v2|1669219665|jElYiuvOiahI
.yandex.ru/ Name: yuidss
Value: 7543448391669219666
.yandex.ru/ Name: yandexuid
Value: 7543448391669219666
.onetag-sys.com/ Name: OTP
Value: LYZ8WOUPLipwm-wAbSghlXAoQOOha_LPkBFRnfImjGY
.adsrvr.org/ Name: TDID
Value: afa73f1e-2282-4722-ab92-69e030e1dce8
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22afa73f1e-2282-4722-ab92-69e030e1dce8%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-23T16%3A07%3A46%22%7D
.3lift.com/ Name: tluid
Value: 344553805385465363144
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1d41a98a-f260-4486-56df-c1a2a2140f26.UaBQBlkuwtVP7dXUh7T4VLDmskEvWafAKbBQi4m6LJw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHUGpivJgRIZW38GiohQPJnRaSso.OA2UQFmOVvejovPFAbey8thGjkhycOxF9PjXi%2BDDvGc
.ladsp.com/ Name: lum
Value: CJmT-6nKMBIFCAEQqAESBQgDEKgE
.media.net/ Name: visitor-id
Value: 3122212667444262000V10
.openx.net/ Name: univ_id
Value: 537072971|afa73f1e-2282-4722-ab92-69e030e1dce8|1669219666565043
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY5MjE5NjY2fQ
.rlcdn.com/ Name: rlas3
Value: EfJjs06547doV/BAkAN4M1PcIul45yde9VlcQEThKUE=
.rlcdn.com/ Name: pxrc
Value: CAA=
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIuqyfzdzdpjsQBRIWCgdzdng5dDUwEgsI0oGMz9zdpjsQBRgBIAEoAjILCNL5jvzy3aY7EAU4AVoHc3Z4OXQ1MGAC
.turn.com/ Name: uid
Value: 4488901378171304141
.mathtag.com/ Name: mt_mop
Value: 4:1669219666
.casalemedia.com/ Name: CMTS
Value: 4982
.bidswitch.net/ Name: google_push
Value: ASkJ3FagapoMqB34kGAelG2TwzcBJ_dp2nQO_X7KlmNW4r0M5-RJKSam1CrTXIIgYnSSk_GBCQLTapSPBzXnKjdSoa4_4C1YDjQDmHXwEQdBzDG-td7G4ISfJ1AwQPx1Be76FHX6yAwYEkuL8g

21 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/84390069eb13b5b8f8f44ec7017fce73.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a15a833bb81943461b4929c81b1e2fc3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/2fff11f14936b40d8faf7c1c33a11daa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202201/cd5e8af978c8af90d260fc2fcfdfc937.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a01ecaef88ff7f639a42456ac8515b45.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/942d70de392d0e4aa743cb7b02ea162f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/332609cf8cbac61369f6d57d7dad580f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/0588aaed69cfe2babaf462133dfb4ad9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202109/aaf72be8146e33023a3df88a0edfd452.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202203/39e36537acd271b53387948b1bf1b7d7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/5ba8e4235292d0f5e2725b00db84fd1c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/000a4a0aecfa41e6fe2a67df9eba0cb2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/574eb8f8637dbc321dd17ec77dee4d4f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/35eb9a239baec6c4efa811e6de46d49c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669219661&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-shou-tai-wan-shou-zhan-jing-cai-duo-sheng-wei-lian-wu-hu-bei-qiu-mi-xian-bao-huan-ren-zhu-chi-ru-he.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219660380&bpp=12&bdt=2413&idt=998&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=8209995095257&frm=23&ife=1&pv=1&ga_vid=447335815.1669219661&ga_sid=1669219661&ga_hid=728555065&ga_fc=0&ga_cid=amp-akXUnnIrXjMaJ-E-HdRx-Q&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1540187958&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44774652%2C44770881&oid=2&pvsid=1728215929861189&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7r6dpmbwladh&fsb=1&dtd=1016
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvbW8tc2hvdS10YWktd2FuLXNob3Utemhhbi1qaW5nLWNhaS1kdW8tc2hlbmctd2VpLWxpYW4td3UtaHUtYmVpLXFpdS1taS14aWFuLWJhby1odWFuLXJlbi16aHUtY2hpLXJ1LWhlLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219664423&bpp=4&bdt=547&idt=511&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=352142277560&frm=8&ife=1&pv=2&ga_vid=2074365493.1669219665&ga_sid=1669219665&ga_hid=1071668765&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C44779077&oid=2&pvsid=2806712281034857&tmod=1676131394&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.2rwxx68zp7h5&fsb=1&dtd=528
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669219664427&bpp=2&bdt=550&idt=537&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=352142277560&frm=8&ife=1&pv=1&ga_vid=2074365493.1669219665&ga_sid=1669219665&ga_hid=1071668765&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C44779077&oid=2&pvsid=2806712281034857&tmod=1676131394&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.jd1vnc4iiai6&fsb=1&dtd=543
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://z.moatads.com/appierdisplay844822012038/moatad.js(Line 138)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1545840d897bfbfca6336a707a8a679d.safeframe.googlesyndication.com
1b1817e6c3b94efadd24cffb68e40941.safeframe.googlesyndication.com
91fa9f7cf749f4efa07098eb7fc6fedd.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.appier.net
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.besafe.global
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p1.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.r-ad.ne.jp
csm.as.criteo.net
csync.loopme.me
d-26381953272988190151.ampproject.net
delivery.adrecover.com
demand.trafficroots.com
dis.criteo.com
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dynalyst-sync.adtdp.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
geo.moatads.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ae1.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.c.appier.net
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
s3-ap-southeast-2.amazonaws.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.bfmio.com
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
tags.rd.linksynergy.com
tg.socdm.com
theta273.rtb.appier.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u-sin01.e-planning.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
vst.c.appier.net
www.adtrek.co
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
aa.agkn.com
ads.betweendigital.com
ads.servenobid.com
cs.admanmedia.com
cs.iqzone.com
cs.krushmedia.com
cs.minutemedia-prebid.com
i.e-planning.net
id5-sync.com
pool.admedo.com
pubmatic-match.dotomi.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
sync.bfmio.com
sync.go.sonobi.com
sync.inmobi.com
tags.rd.linksynergy.com
usersync.gumgum.com
103.229.10.192
103.229.205.243
103.231.98.194
103.254.153.160
103.3.63.48
104.16.88.20
104.17.25.14
104.18.101.194
104.18.25.173
104.18.33.19
104.18.36.94
104.26.4.103
13.107.42.14
13.112.54.241
13.114.67.130
13.251.2.7
13.33.33.43
13.33.88.118
13.33.88.20
13.35.8.26
13.76.45.37
132.226.63.138
139.162.23.100
139.162.38.30
139.5.84.243
142.250.4.149
142.250.4.97
142.251.10.132
142.251.10.155
142.251.10.156
142.251.12.154
145.40.89.200
15.197.193.217
151.101.1.108
151.101.194.49
152.199.39.108
162.254.186.187
172.217.194.113
172.217.194.156
172.64.151.162
172.64.154.237
172.67.72.16
18.136.131.197
18.138.18.111
18.139.6.26
18.141.93.231
18.155.68.41
18.176.115.166
18.176.226.248
18.177.11.95
18.180.91.211
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.184.8.90
185.84.60.21
195.5.165.20
198.206.157.242
198.8.71.130
202.131.200.84
202.241.208.57
204.79.197.200
209.191.163.209
209.58.163.32
209.58.165.139
209.58.188.181
213.180.204.90
23.106.127.164
23.106.127.38
23.106.127.52
23.15.148.136
23.195.152.23
23.195.153.54
23.36.252.26
23.53.160.138
23.59.80.114
23.72.44.196
23.72.45.156
23.75.214.29
3.1.14.27
3.126.154.37
3.215.164.221
34.107.148.139
34.149.43.113
34.98.64.218
35.186.193.173
35.186.253.211
35.190.60.146
35.213.117.18
35.213.12.39
35.213.93.179
35.214.223.115
35.230.38.116
35.244.159.8
35.71.178.8
37.157.4.25
38.133.127.95
38.91.45.7
42.99.140.144
42.99.140.161
42.99.140.185
50.116.239.135
50.31.142.31
51.79.234.100
52.183.162.69
52.199.30.24
52.203.53.149
52.212.146.227
52.220.200.169
52.26.113.93
52.41.101.164
52.46.155.104
52.55.206.218
52.63.31.162
52.74.162.2
52.74.36.190
52.84.45.26
52.95.126.138
52.95.134.19
54.243.58.43
54.254.84.61
54.86.208.230
63.251.14.14
64.120.110.138
64.120.110.139
67.199.150.81
67.199.150.82
67.199.150.85
68.67.161.208
68.67.179.153
69.16.175.10
69.173.144.139
69.173.158.64
69.173.158.65
74.118.186.45
74.125.130.155
74.125.130.156
74.125.200.132
74.125.24.105
74.125.24.157
74.125.24.94
74.214.196.131
8.43.72.97
84.17.37.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
03a0c039fbeb263242214ffc9f0d4addcf263f266b6a13bb55f04d6e5098b6f2
04fc9cc6a839dbd130cf3f3a8e99dd03aa638509bdae3ef445d4d0cdf06d9ca7
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
0736033dafaea5a36203b95b7562afdd3559a4c9edf234339a886347cd032bea
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08457689ada26b1ecf9f1d56293b1fff488e8e443253d579340cf58b8b99a96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096f9cbaffb5b4c28bdca6d2f5444bc65b30a79aa25d434601fd0ed3671f8680
0b81ebd295c56386af5d622092d29db6ecb12a7f8dc8be80fe54cbbfa3d3216e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e960c37ec49f43d04f05c69d4a662b70cf72ae5bd9f6ca94682d1d7b8ab7a19
0ead90bd51f97d8a06059dfd97789dedc2a493edd82f675704a2ba644ab04fdb
102a961beb7ddb796d6b12eef753b5d43e7009134314e6a31208b8d2406ae187
10a6ca1edf1b791ab61dba702f334c95f91314511e5f7c1c9ceabad7039d2f52
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3
11d9f3811d5cb1302331450fa7e2389e59e7aa4ec6be6639709b531b0b929fb2
12051058311f9d79859e916eb4e5a36b9be3fb0e0777361a353e54915c51f39d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fb5f68666a3cae1cd6c8c0212a02d2b4c763cd008c0f63c9fd0d5a42935012
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
161fa64782825e8c44e0e1d3980e4e91dcad8cb40a7616dbb2d0cabbfa75b501
17a6b98ba4a3532767232390ece9dd635556ec9f9fd253c262f367c083289abc
1985d38d7faa965bb91eb6ae8f3751a514e0ae430042ed92b5edb4cac7dec456
1add881ba8cc7b1b203c72e606681d0b94266179b93df4e70b28504104fb4059
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
20b04613e923d8553212a748146bb4b6f5a7000c08905d6da82b5279d860505d
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
27b6a1a1b9fce1c609e64c20eae9ad7839a2209b110663d4d42368186fc309ad
292c23cd0cb7646eed1e5951fa827a4698507c5f45bab13797559eaeaafe8007
2a6cad09468b70f58c8a3c0645f508612ec535ea5ec918036bc3f12d53a536b3
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
2cff43e92f56ce5b2ad60b9576968dc98142432921b81ef1e210a50ff9d7042e
2de13d74b5cfa7034d0902203daa25986a89d136b8e512fc5200ef4b77431da9
2f30935c43a26c96948af24e37be557b7aab9e0190c85df22e6858d8a9260bdc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
335b51bc853df121a2c86d836bed693a99fa68ac56e041b8fb232d5e22610119
35fd07ef3a4aeb7eebb8c9bd1df734f5f14e834913fa16a92f0a62473610470f
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
39937536c075104a2885abe8db0e1b01268c2465ff1f0bbc70fdf06fc4c624f5
3a842fcf3b8ab1d1622c1b430dc1683ad857d24a06a1247e1f87ec8a0cac3f1e
3ad3e06e306529fa8b95980be3e7dd1f44ba6d1cfe604513fd83b7056eddf727
3c73a0cfd4d0058fe2374484019ef7ba096708d415f7435b19d4fc9cdd0807c7
3c95bc2a7b63f18977061325767bd80a5c38916ba78c6e82d9d07f7cd8b4cf36
3d2a8309a273bb5add8dd11e8c413bad68ccc9ac9568121799b1d2fc7af615f9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eeb055d7d06c17cd648bdc6c32520c00d74a04c86007ed40820b0133ee01c4b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4241ea327760166712f8b8d5db03c02d86aad9cecc8fb034ba23e58084d79041
44de01ec2e09eb464ebf0455bbfa1fe4fa58aae4a05b2b1e5898f5117d377edd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a9560e9dddf4834139c3b4abd37300dfc9879ac686d3fba921a1488ee4dfe2
49f85d3655cbbf0c8ca3934c30e56143a4ff666b2ca958f138e375ead7120f96
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dc95bddd321cc88b89f15623fa69003cb430dd873c9f2392f016ee10746c6e2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5165d62c9140e7cfe58cfef713160a27ab6e90540b4279ffe2159c37a4af0879
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6
53c315e1e783a31b00700e00206e887dc1dc8ecc6661f66ec7ab415f7f7c4c3e
5477d8ca5eff9fb6dffb92766a3166e47cbc7d94935fc116576c676da0412193
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
59f73c2a7b531c662a9bf3dde2ec64ce25120467f81ac11a53db9e758fe26f6f
5d19578ce8569d6e11f49de6a368c1d50127789c74ed6a22ec2e729603c83d89
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67da69cdc19c9b1ae2f686c85731e341d05d0c1a10336e72dc4f1c9de4d52598
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6fb356dfd35ec78b65317c8714faf5c01233ad66ba4ff38b29c5ffbd09f56817
6ffbe7900c0aac72ca80d9ec3b1e44090b1ca2b37f9f3faa8a0a321f3d546c63
70005a712e48e89c3f725b20b3b0922ef5f13625407a0b5c3dd77daf42d95f63
71c90c4754e4d1d2be5e0627027a46931baf4a7e5dd5e504a11c0bd8681d5a0d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e2fba8a9d89ec9357e6c188cf0e8616fa9a5ca7b9d82254f810953b9195dd3
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
734d46a28ae5458c6b02ba376b0895008481eeb018a7daf651463be45f9c41c1
73bc85b8500dcf8734217d3fda40303372a72a9eeeebaffa608a68aa261f74ec
75d6293d3b3b235995b241146df53aeb2b9c5105cf70bc77ba83ba8fcc642eb5
7809ae817d441fe7c31cf6c1d74c2cea137d761a58dba2d0335ebd62475b5403
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
82ab088f11f675c1f4e78e0b26e8a881db3808bdbf44171d142fe410fa73d74a
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
88398be550a28d0a15ce13e626121de53001ab53321657689a51bbd649eb287f
896b2d643404735df60e895765ee2036910e12f6a5aacb36957378a573abb45d
89c75549ec37405096a983599087bad612e0b0b109e81f1ed33bbe3e38ff5524
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a88fa3d03c13cbc28e3e82271d94fddd5a1ebcf4bc7108d4b178e9cf824590a
8ad58a7a61bbce23509a955f388e2842df800ad0f9b883c6535f1350a3630a7b
8b4fa353f4abec9a684db911cdf1c84190be899c4ee774517b0f91ee64020431
8b9ddc9bd0919c6340467aea623a72bcbf6d4e7ed415b7d557c82ad80ae4fce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93009fce0a4402880d9b38ebb8b4baa8a87b9074d8d6dc94cd5c307511d751af
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
95e68c47129d6385026c1d1023eb3ebc673b14c04e2ba231b50ca92c64394ebc
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96e4c2dc075b2b7d23005c5ee413d5a66563a2e6fd032b580aad79a49eb1ee71
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
a9f1baccbdd97e46a75d9845001f747cec4592b915764bfda5f1dfb9ba901182
abfa0d18d9922693e3093215bfb6ff22f09f551c2e07217b53a6f13338bacb1c
b06a4deb1e945140e055bb5f0109655f9523997a0b696072321fcce95239ad7f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43358e1c225fc40eb01610b4ea467c8112189e14438bb91230c3873dfaf2a13
b4c77d16f89de3ae5660fc98877097f8f08af8c1c554785dbc8e37ffbd20abee
b4ce65f09dd4d96cd8ac7103fb9896fed13449485f3a5f707f855f94ba20c395
b5324356e31a6d74709d8bf8d391935177832384e730b5f750e0e8e64a4aa687
b55ecbf4dd3cac1378c0d98307a7f46703da201d27b9bf1204301e567006bf52
badbf8e1d8e90266231ae5e4c8e863eaf60949c40dd3ad7482a9d8d476dc1abd
badfa14d323f05f827036b9d5a12835fd3c3684af084a0c845e71ab432082073
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9338391e8fd82b612d7b68d8b3957b335090b5d94ef80df781105f1a706e1f
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bdece9b0306202e51b834ec772778812f53c647d1c97fac1ec714e3c8b94bbe2
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
bf747d03c51aaa3690742886f12dff8050ea067f931b203720988c9d1366c083
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c514ff2c0620e171a036dd0c73b943110a86e54dd155b968d279e2aef9009a84
c6404a6445360d772e0e5b5f502a4b6f07dbee331c5132d95affd837d3b832ba
c8ff39ac0b6e21fa473efa1c13675ba719d99c87ffdbaf0e9e8b743276dec8b8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9aab16337062d8a59786a2d05d4a7d888b06cb6483ac5bdf68f1a8b8117e6b4
cb09f1e2d0cefe2cee9703d1c90e0e0024e127fc39f62e7703e1b82667cc3e61
cde23e5f7a64a5f27a53a63338f2667e495c0cdd0f049be5f7c2a16d9d94350c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5d75603ffc89e2348db19dd57a857fb9e88733da9e3a626d83572e6ca88661
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d7d13eaeff97b78cd46489332fe32ccb5fcb8db0839d9e602042bb5c47e46f24
d7fd5cf1a3b02ceb2211afa76f1e1d445d5f70fcbbef9bb9c8affaf1b38d3ec8
d829fd44c171d5be64f8774e4ca63ce088d862bdb2164e009d0202781e18ea92
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
db30278a860c54cc5effe0915a4f84ddac85914cb3b52bc72d610d790ec5fad2
db3bb0331e0217a9b13adc92afdce74540822e9a2094a4c640a23522f6596b88
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
eb4f52fc122c0242eef6f384c14dc3276cdf50c7b44493d37217a9d215e851a9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edbf0bfcbf4ae18149e4001e2b1e14fd11b956496d34a60b2b11991b4204e497
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee9d5ca9ca3a53adeda1083f6024afeff9e394b08e7f23dc87cebf800c4b2075
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
f1318f0d6173aebc47e024292ea163ace6c28181a59e061bfa4e52dde3e3d7a5
f1b477e36758349fff1b86c2e91f6947fb56baf6af9691ee926093329555bb4c
f71b3f73630e6ab7a787dd63b6d80245d7ee28b43254adc6f2859fd4727ac4a7
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f824af6240aaa57ba4104f1969365afa9b6904544545284db4a7469e6a94768a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e