urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Submission: On January 10 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 7 countries across 89 domains to perform 457 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 54371.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
17 74.125.24.132 15169 (GOOGLE)
15 103 74.125.68.154 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
3 64.120.88.131 133752 (LEASEWEB-...)
4 20 142.250.4.155 15169 (GOOGLE)
20 172.67.72.16 13335 (CLOUDFLAR...)
2 69.16.175.42 20446 (STACKPATH...)
11 74.125.200.155 15169 (GOOGLE)
2 172.217.194.97 15169 (GOOGLE)
3 172.217.194.156 15169 (GOOGLE)
3 172.253.118.156 15169 (GOOGLE)
11 142.250.4.154 15169 (GOOGLE)
2 216.239.32.178 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
4 13.33.33.91 16509 (AMAZON-02)
1 152.199.39.108 15133 (EDGECAST)
27 172.253.118.132 15169 (GOOGLE)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 7 104.18.33.19 13335 (CLOUDFLAR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
4 9 104.254.151.120 29990 (ASN-APPNEX)
1 35.213.117.18 15169 (GOOGLE)
4 139.99.49.250 16276 (OVH)
1 184.51.137.72 16625 (AKAMAI-AS)
7 52.16.124.13 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
9 35.244.159.8 15169 (GOOGLE)
1 2 145.40.89.200 54825 (PACKET)
1 52.76.48.74 16509 (AMAZON-02)
3 52.193.158.132 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 54.69.44.22 16509 (AMAZON-02)
1 4 103.229.10.192 16509 (AMAZON-02)
11 172.217.194.147 15169 (GOOGLE)
2 3.233.146.17 14618 (AMAZON-AES)
1 13.33.33.118 16509 (AMAZON-02)
12 182.161.73.129 55569 (CRITEO-AS...)
4 74.125.24.157 15169 (GOOGLE)
3 74.125.68.155 15169 (GOOGLE)
2 74.125.24.149 15169 (GOOGLE)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
7 20 139.5.84.243 27381 (CASALE-MEDIA)
3 6 104.18.24.173 13335 (CLOUDFLAR...)
2 2 34.83.125.63 396982 (GOOGLE-CL...)
2 2 35.186.193.173 15169 (GOOGLE)
2 2 18.178.247.29 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 64.74.236.191 19024 (INTERNAP-...)
2 2 23.23.131.203 14618 (AMAZON-AES)
4 6 50.116.239.135 6336 (TURN-US-ASN)
4 6 18.136.31.174 16509 (AMAZON-02)
6 6 174.137.133.49 27257 (WEBAIR-IN...)
7 8 3.33.220.150 16509 (AMAZON-02)
1 182.161.73.132 55569 (CRITEO-AS...)
4 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
2 182.161.73.136 55569 (CRITEO-AS...)
5 23.75.85.227 16625 (AKAMAI-AS)
1 52.84.45.26 16509 (AMAZON-02)
2 104.18.36.94 13335 (CLOUDFLAR...)
3 9 35.71.178.8 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2 202.241.208.57 4694 (IDCF IDC ...)
2 2 13.33.88.71 16509 (AMAZON-02)
2 13.107.42.14 8068 (MICROSOFT...)
3 6 209.54.182.161 ()
1 13.107.21.200 8068 (MICROSOFT...)
1 52.197.233.239 16509 (AMAZON-02)
1 23.106.127.164 ()
3 3 23.41.65.80 16625 (AKAMAI-AS)
2 184.51.240.213 16625 (AKAMAI-AS)
1 13.33.88.118 16509 (AMAZON-02)
1 1 72.34.250.75 ()
1 209.191.163.209 ()
2 2 52.74.162.2 16509 (AMAZON-02)
4 7 69.173.158.64 ()
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 2 151.101.66.49 ()
1 1 34.96.71.22 ()
2 2 23.106.69.72 ()
1 103.231.98.196 ()
457 75
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
17    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
bd482e59e60f82a4bb7d0d68a90a60f3.safeframe.googlesyndication.com
b7a584a546293368b63b65de32bc0d75.safeframe.googlesyndication.com
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
103    74.125.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f154.1e100.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
3    23.108.102.145 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
20    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
20    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
11    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
securepubads.g.doubleclick.net
2    172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net
www.googletagmanager.com
3    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
partner.googleadservices.com
3    172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net
adservice.google.co.nz
11    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
adservice.google.com
2    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
d-23567834523559408810.ampproject.net
7    13.76.45.37 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    13.33.33.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-91.sin2.r.cloudfront.net
adx.holmesmind.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
27    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
tpc.googlesyndication.com
1    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
9    104.254.151.120 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
4    139.99.49.250 (Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    184.51.137.72 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com
a.teads.tv
7    52.16.124.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-124-13.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.76.48.74 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-48-74.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    52.193.158.132 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-158-132.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    54.69.44.22 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-44-22.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
4    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
11    172.217.194.147 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f147.1e100.net
www.google.com
2    3.233.146.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-17.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
12    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
4    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
googleads4.g.doubleclick.net
3    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
www.googletagservices.com
2    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
s0.2mdn.net
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
20    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
6    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    18.178.247.29 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-247-29.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    64.74.236.191 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    23.23.131.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-131-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
6    18.136.31.174 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-31-174.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
8    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
4    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
5    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.84.45.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-26.mrs52.r.cloudfront.net
public.servenobid.com
2    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.33.88.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net
cr-p3.ladsp.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    52.197.233.239 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-233-239.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
1    23.106.127.164 (None, )

ASN- ()
ssbsync.smartadserver.com
3    23.41.65.80 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-65-80.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    184.51.240.213 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-240-213.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    13.33.88.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-118.sin2.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
1    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
1    209.191.163.209 (None, )

ASN- ()
ap.lijit.com
2    52.74.162.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
token.rubiconproject.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    34.96.71.22 (None, )

ASN- ()
s.company-target.com
2    23.106.69.72 (None, )

ASN- ()
gu.dyntrk.com
1    103.231.98.196 (None, )

ASN- ()
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
97 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
bd482e59e60f82a4bb7d0d68a90a60f3.safeframe.googlesyndication.com
b7a584a546293368b63b65de32bc0d75.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
2 MB
67 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
543 KB
27 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 760
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690
26 KB
22 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
7 KB
21 bg3.co
www.bg3.co — Cisco Umbrella Rank: 54371
static.bg3.co
15 KB
19 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1381
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
eus.rubiconproject.com — Cisco Umbrella Rank: 832
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1267
pixel.rubiconproject.com
token.rubiconproject.com
20 KB
18 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
pix.as.criteo.net — Cisco Umbrella Rank: 10234
csm.as.criteo.net — Cisco Umbrella Rank: 9735
126 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15457
e3.adpushup.com — Cisco Umbrella Rank: 17049
campaign.adpushup.com — Cisco Umbrella Rank: 47244
240 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 330
225 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 817
eb2.3lift.com — Cisco Umbrella Rank: 497
5 KB
10 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 16201
u.openx.net — Cisco Umbrella Rank: 983
us-u.openx.net — Cisco Umbrella Rank: 698
jp-u.openx.net — Cisco Umbrella Rank: 6508
3 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
acdn.adnxs.com — Cisco Umbrella Rank: 872
secure.adnxs.com Failed
27 KB
10 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 59899
2 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
5 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
4 KB
8 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2958
public.servenobid.com — Cisco Umbrella Rank: 5816
7 KB
6 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
4 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
r.turn.com — Cisco Umbrella Rank: 4328
3 KB
6 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
3 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 13019
ads.as.criteo.com — Cisco Umbrella Rank: 9458
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 10102
gum.criteo.com — Cisco Umbrella Rank: 446
42 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27676
sync.aralego.com — Cisco Umbrella Rank: 4367
4 KB
4 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6315
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1458
pixel.quantserve.com — Cisco Umbrella Rank: 985
cms.quantserve.com — Cisco Umbrella Rank: 1004
11 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
3 KB
4 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 365810
4 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 11232
47 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 741
image8.pubmatic.com Failed
image6.pubmatic.com
simage2.pubmatic.com Failed
14 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
144 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
1 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
649 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
714 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 17090
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1130
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 980
cdn.indexww.com
2 KB
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7600
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 775
1 KB
2 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 16233
608 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5807
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1282
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
72 KB
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 11108
467 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1256
794 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
413 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
79 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 943
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 21367
10 KB
1 company-target.com
s.company-target.com
419 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2698
367 B
1 lijit.com
ap.lijit.com
277 B
1 sonobi.com
sync.go.sonobi.com
655 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5390
cs.minutemedia-prebid.com Failed
5 KB
1 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com Failed
1 KB
1 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2287
usersync.gumgum.com Failed
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 444
668 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3008
173 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1277
614 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4327
517 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1583
501 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1377
x.bidswitch.net — Cisco Umbrella Rank: 411 Failed
361 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1875
181 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488
2 KB
1 ampproject.net
d-23567834523559408810.ampproject.net
0 semasio.net Failed
uipglob.semasio.net Failed
0 rlcdn.com Failed
idsync.rlcdn.com Failed
0 ambientdsp.com Failed
cm.ambientdsp.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 trafficroots.com Failed
demand.trafficroots.com Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 inmobi.com Failed
sync.inmobi.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 adform.net Failed
c1.adform.net Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 tapad.com Failed
pixel.tapad.com Failed
457 89
Domain Requested by
64 pagead2.googlesyndication.com www.bg3.co
pagead2.googlesyndication.com
cdn.ampproject.org
ads.aralego.com
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
www.googletagservices.com
39 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
eb2.3lift.com
g2.gumgum.com
ads.pubmatic.com
27 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
www.bg3.co
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
20 dsum-sec.casalemedia.com 7 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
20 static.bg3.co www.bg3.co
13 googleads.g.doubleclick.net 4 redirects pagead2.googlesyndication.com
cdn.ampproject.org
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
12 static.criteo.net cdn.adpushup.com
static.criteo.net
ads.as.criteo.com
11 www.google.com tpc.googlesyndication.com
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
11 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
cdn.ampproject.org
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
pagead2.googlesyndication.com
10 adservice.google.co.nz pagead2.googlesyndication.com
securepubads.g.doubleclick.net
9 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
cs-rtb.minutemedia-prebid.com
9 ib.adnxs.com 4 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
ads.pubmatic.com
8 match.adsrvr.org 7 redirects cdn.adpushup.com
ssbsync.smartadserver.com
7 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ssbsync.smartadserver.com
ads.pubmatic.com
7 e3.adpushup.com www.bg3.co
6 s.amazon-adsystem.com 3 redirects eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
6 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
cs-rtb.minutemedia-prebid.com
5 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 token.rubiconproject.com 4 redirects
4 pix.as.criteo.net ads.as.criteo.com
4 rtb2-useast.e-volution.ai 4 redirects
4 ad.turn.com 4 redirects
4 googleads4.g.doubleclick.net www.bg3.co
4 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 onetag-sys.com cdn.adpushup.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
4 adx.holmesmind.com pagead2.googlesyndication.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 pixel.rubiconproject.com www.bg3.co
3 secure-assets.rubiconproject.com 3 redirects
3 us-u.openx.net u.openx.net
3 s.tribalfusion.com 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
3 a.tribalfusion.com 3 redirects
3 www.googletagservices.com 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 gu.dyntrk.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
2 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
2 px.ads.linkedin.com eb2.3lift.com
www.bg3.co
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 gum.criteo.com cdn.adpushup.com
2 csm.as.criteo.net ads.as.criteo.com
2 dsp.adkernel.com 2 redirects
2 cms.quantserve.com 1 redirects 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
2 r.turn.com 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
2 sync.srv.stackadapt.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 v9999.adv.admeme.net 2 redirects
2 ipac.ctnsnet.com 2 redirects
2 um.simpli.fi 2 redirects ads.pubmatic.com
2 s0.2mdn.net 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 image6.pubmatic.com ads.pubmatic.com
1 s.company-target.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
1 sync.go.sonobi.com 1 redirects cs-rtb.minutemedia-prebid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 tr.blismedia.com 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
1 ads.as.criteo.com 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 campaign.adpushup.com www.bg3.co
1 d-23567834523559408810.ampproject.net cdn.ampproject.org
1 b7a584a546293368b63b65de32bc0d75.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 bd482e59e60f82a4bb7d0d68a90a60f3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.bg3.co
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 idsync.rlcdn.com Failed ads.pubmatic.com
0 cm.ambientdsp.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 demand.trafficroots.com Failed ssbsync.smartadserver.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 creativecdn.com Failed g2.gumgum.com
0 cs.emxdgt.com Failed g2.gumgum.com
0 sync.inmobi.com Failed g2.gumgum.com
0 ads.betweendigital.com Failed cs-rtb.minutemedia-prebid.com
0 image8.pubmatic.com Failed cs-rtb.minutemedia-prebid.com
0 x.bidswitch.net Failed cs-rtb.minutemedia-prebid.com
0 secure.adnxs.com Failed cs-rtb.minutemedia-prebid.com
0 bh.contextweb.com Failed cs-rtb.minutemedia-prebid.com
0 cs.iqzone.com Failed cs-rtb.minutemedia-prebid.com
0 cs.admanmedia.com Failed cs-rtb.minutemedia-prebid.com
g2.gumgum.com
0 rtb.mfadsrvr.com Failed cs-rtb.minutemedia-prebid.com
0 cs.krushmedia.com Failed cs-rtb.minutemedia-prebid.com
0 cs.minutemedia-prebid.com Failed cs-rtb.minutemedia-prebid.com
0 ad.360yield.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 stags.bluekai.com Failed g2.gumgum.com
0 c1.adform.net Failed g2.gumgum.com
ads.pubmatic.com
0 usersync.gumgum.com Failed g2.gumgum.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 ssp.disqus.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 p.rfihub.com Failed public.servenobid.com
0 sync.1rx.io Failed public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 pixel.tapad.com Failed eb2.3lift.com
457 135

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
teads.tv
R3		 2023-01-05 -
2023-04-05		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.logs.datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-26 -
2023-04-26		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-24 -
2023-03-26		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-20 -
2023-03-18		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-21		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2023-01-07 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-01-05 -
2023-07-05		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
gumgum.com
Amazon		 2022-09-06 -
2023-10-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh

This page contains 81 frames:

Primary Page: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Frame ID: 2269200D0AF6671533F2247E7FC16624
Requests: 104 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230105/r20190131/zrt_lookup.html
Frame ID: D23D961C034F300828996B3A8A3AB074
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 747469C687E55B4E9B5260B39357EF02
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 50CB1E0531951AA879E7A6E4522CD7B0
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1DE93EB49847D99F1CE530D200F888E1
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A69071BD7178D887FC3E149F5FD21ABC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1673328071&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328069066&bpp=2&bdt=1407&idt=2529&shv=r20230105&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8508248951007&frm=20&pv=2&ga_vid=413814887.1673328072&ga_sid=1673328072&ga_hid=1623422492&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071374%2C44779794&oid=2&pvsid=931296478709036&tmod=2041207282&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2551
Frame ID: 6E0C3DE384444EB2327CAFEF5A042BFB
Requests: 1 HTTP requests in this frame

Frame: https://bd482e59e60f82a4bb7d0d68a90a60f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3AD18390430D6A85A9F6A2D388B4AA2A
Requests: 1 HTTP requests in this frame

Frame: https://b7a584a546293368b63b65de32bc0d75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 58A65EA70C38486EB48FCE96663A0F67
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: 77F1540440BAEC38F75F7D4C3F813E33
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: EFE008CC130679B116C70056871CE499
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-815366635365156990&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3117&oid=2&is_amp=5&amp_v=2212151632002&d_imp=1&c=78205008941&ga_hid=1623422492&dt=1673328073457&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&bdt=5798&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: F9AC43F3C757475A8FEA1C2F8344659F
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: 90E5037B2F82CAA202496A1B53E262FF
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: 38205ABF4883EA9E07B2EB5BEE631016
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D59252347A04666530FC2A4166B393C3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9FF59AD8E9517BFEF598A63DD7789946
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60BB6213100CAB05BE477A42706124E5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C803337EE5441973E16C9EF6D82433E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328076748&bpp=4&bdt=596&idt=403&shv=r20230105&mjsv=m202212050101&ptt=9&saldr=aa&nras=1&correlator=7271324632331&frm=8&ife=1&pv=2&ga_vid=1665242101.1673328077&ga_sid=1673328077&ga_hid=201472305&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773810%2C31071366%2C31071399%2C44773747&oid=2&pvsid=108627130740098&tmod=1501451890&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.51isdm9nkg8r&fsb=1&dtd=411
Frame ID: 7D898BC560A0B2319CBB955E0A42F75B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328076752&bpp=1&bdt=601&idt=412&shv=r20230105&mjsv=m202212050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7271324632331&frm=8&ife=1&pv=1&ga_vid=1665242101.1673328077&ga_sid=1673328077&ga_hid=201472305&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773810%2C31071366%2C31071399%2C44773747&oid=2&pvsid=108627130740098&tmod=1501451890&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.bfx55ty7vm83&fsb=1&dtd=416
Frame ID: 510BBB8C04F20DEFC609BE73A1E9C99A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520751&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328077016&bpp=3&bdt=810&idt=404&shv=r20230105&mjsv=m202212050104&ptt=9&saldr=aa&nras=1&correlator=292469716514&frm=8&ife=1&pv=2&ga_vid=2016053148.1673328077&ga_sid=1673328077&ga_hid=1279318029&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071387&oid=2&pvsid=2728621662198204&tmod=313398691&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.3u0y03z5l6a3&fsb=1&dtd=420
Frame ID: 964FEFA21EAD9990F67E84239DC8DD05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093739&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328077019&bpp=1&bdt=813&idt=423&shv=r20230105&mjsv=m202212050104&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=292469716514&frm=8&ife=1&pv=1&ga_vid=2016053148.1673328077&ga_sid=1673328077&ga_hid=1279318029&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071387&oid=2&pvsid=2728621662198204&tmod=313398691&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9t0jamhxhsq4&fsb=1&dtd=427
Frame ID: D9AF9A712E5832D823019AEA4725E973
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05D85F75066C955C40A01E1904D9B35A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 107E31952F16E338391558680332C6A0
Requests: 2 HTTP requests in this frame

Frame: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D720A3CBF7EC193CCA07B5B1E812F128
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4326DFE8A8BEFEB3EA0D88578F7EB46
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96C621598452F82D6A84752F1DEC8AAC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64E2F2945CF5C6B0B67F63FAB0E18A32
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC6D44FA53BA17BD9094DDCD9D910DAD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FC2ED7B136A0E0629E298CB07CAE261
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 952B8C42681F1FFAC264B42E5CF76C78
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A158592D5E2B6E23ABE7B0FFB0B72763
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9CDFACCD16AE137683D82F985542510A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F46F725ED7E5F893AC652DA0AB40BFE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 60F36AE5F53B1AF40BD48A377AF39C3D
Requests: 2 HTTP requests in this frame

Frame: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 19658AE1C3857B14B9197907FBC93C6E
Requests: 14 HTTP requests in this frame

Frame: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 395D499507912DE4F33D3C98DE670CE0
Requests: 14 HTTP requests in this frame

Frame: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1897DAE79B2DAD7069AEAC027DAC3211
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGOjnkt0BMAE&v=APEucNWV_gboMcVn5sIIPCzEaNHT2fyw_kucgTLIQ8ELHTo8xwxoXlibJ9_sfvOXEDfjQ1mrRjO9_nwWfXXiENl0xlu1fGf5XQ
Frame ID: 101B6B70FA44670778568A4FCFEE304D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGLX9jt0BMAE&v=APEucNUEXf2tcqGBG3ZF0PhNTm2LhdVlfXrm3pDmaRuNfNFNKVEcDSGcaSl66DBtQomLJOZJ1mXXTxwM53JROFaUMbBbVy1KzA
Frame ID: E7F67A3C3876C573946B1EA9AEB8B747
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 084B8D70E09C7CFE3FE5B28E446817D6
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB5385289EA3D86FC6DD6918D7B60D64
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 05C4068C47D17859C8BAA1084A8B0D38
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A35F51A42B5521235A35A617D4446907
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7EA10F85D6E38061B0F3F62E0B9DD612
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7EDCCF898C305F7A70F482D94E56DA0A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1673328076775
Frame ID: 3AD88B5A633E4D62FAF612D857EF4F5B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A222AC8E2C8C4DEBB83E38F1EA89806D
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8E08CCC81F10099A5E597C17B13AD578
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 849F4FA52B14BFD8F82EDC9FCF891509
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7845079172FEBF5332B8FEAEC3588847
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 960B7EE64B3E17DBD64C8D4066E059FF
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CCFBDA9A946BB789BA1123DF2A12EC3D
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 814512A764752274F37EF6960A9F5759
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: B4D8A1909D477E5A6BB758FD2E5ED838
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 571D5B59937C56B22A97542A67E919BA
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 49977549EAD6C69BAF041D13AEA4D3DF
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 889D4769CD2D95AFC193EFD3D63180A5
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: C452DD36F6A134FE0F3ECC48D3C4B2F0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B37D95E0690C4D46F03C332B62EC9EE2
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 7D26D3837BA32F35F9E8E06006AA3D2B
Requests: 25 HTTP requests in this frame

Frame: https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 16255EA01C7F2757AB0012BD47C67808
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7936996FC82B1A04F05E9C0495FA24B2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=b13179aa-bda5-4174-993b-e35908e44d7d
Frame ID: AC4CC512D16C1EA769E38CE3513629E6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=ee0463bc-f5d4-4700-b7b5-e8bdeac49805&gdpr=0&gdpr_consent=
Frame ID: 0ACAEA60B284B84C6010B7814F735126
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y7z10wAKDHVilgAe&gdpr=0&gdpr_consent=&_test=Y7z10wAKDHVilgAe
Frame ID: 1C4D154FEFA6A4A70890A96F531B19AA
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84YmUxZTNjOS0yYjRiLTQyNzQtYWExNy1hNTMwMzRlNzliYjU=&gdpr=0&gdpr_consent=
Frame ID: 71F8AF4772E1E37C8948BFE96C61DDC9
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 8BEEF9BD1D852A1D180944DE1B457149
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y7z10sCo5s0AAM2zJpQAAAAA
Frame ID: 35B4CBF50126562673999528482D8CD2
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=a_8be1e3c9-2b4b-4274-aa17-a53034e79bb5&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 47F101DC89003449C4CE686996F60906
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y7z10lto6UCP9PkAwtBI5AAA%264988
Frame ID: EF9F2145F406FC244C6FE4692690F785
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: E4999EB426B9194B7116CD554C5EBF4F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 701DE1D511F07D08515D2C1D6A7ECFA8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 967A861228CDA206C865EF42B4968F40
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: 71E543D2A7ED0B7D6BC14998FF597A48
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=1E4E89B4-A8B6-4A88-8831-F600A7B5003F&gdpr=0&gdpr_consent=
Frame ID: 7B6A0D1DF0D8814C68DE54F147DE1703
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 9C2C3AF62246CBB692021C9DF352F955
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 94446DC94D2F8FB18CBE27C523EC2D28
Requests: 1 HTTP requests in this frame

Frame: https://cm.ambientdsp.com/cm/send?vc=pmj
Frame ID: 2FACAEBC8454EBD4D59A20019E7D6860
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: 40C7DA552EEF7C8353866A4443206B62
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=1E4E89B4-A8B6-4A88-8831-F600A7B5003F
Frame ID: F15DA91952CC50A9D61B35C65F98A85C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

廢棄30多年!西班牙整座村落售出 只賣980萬臺幣 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

457
Requests

69 %
HTTPS

0 %
IPv6

89
Domains

135
Subdomains

75
IPs

7
Countries

3306 kB
Transfer

9369 kB
Size

78
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 81
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673328073&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328071051&bpp=12&bdt=2041&idt=2319&shv=r20230105&mjsv=m202212050101&ptt=5&saldr=sa&correlator=8508248951007&frm=23&ife=1&pv=2&ga_vid=1361152467.1673328073&ga_sid=1673328073&ga_hid=1497875583&ga_fc=0&ga_cid=amp-F78C2O-FoJgQHME0We5CQQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1034&biw=1600&bih=1200&isw=336&ish=280&ifk=3978194112&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C31071364%2C31071399%2C44779794&oid=2&pvsid=1765725156878927&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z9qn3jpuexwt&fsb=1&dtd=2335 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 85
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1673328073&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328071156&bpp=16&bdt=2162&idt=2244&shv=r20230105&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8508248951007&frm=23&ife=1&pv=1&ga_vid=1418245811.1673328073&ga_sid=1673328073&ga_hid=446688944&ga_fc=0&ga_cid=amp-F78C2O-FoJgQHME0We5CQQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1984234161&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071374&oid=2&pvsid=3731464552959137&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.he0beu7a7yl8&fsb=1&dtd=2262 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 105
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328074971&bpp=13&bdt=342&idt=430&shv=r20230105&mjsv=m202212050102&ptt=5&saldr=sa&correlator=7271324632331&frm=8&ife=1&pv=2&ga_vid=261910352.1673328075&ga_sid=1673328075&ga_hid=1020395688&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31071375%2C44779793&oid=2&pvsid=581035714307704&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7z5nzwr4i0hj&fsb=1&dtd=450 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 109
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328074996&bpp=11&bdt=359&idt=466&shv=r20230105&mjsv=m202212050102&ptt=5&saldr=sa&correlator=292469716514&frm=8&ife=1&pv=2&ga_vid=1728318260.1673328075&ga_sid=1673328075&ga_hid=1649772575&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071375&oid=2&pvsid=3052707452398066&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.eejl028chjkz&fsb=1&dtd=481 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1&C=1
Request Chain 239
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7z10UgLkrKl6xqW6E2ZYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOrJNHWI_6RxdDQcUenxpzA&google_cver=1
Request Chain 241
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NjEwMjQ2MjkxNDE4MzEz
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1&C=1
Request Chain 244
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7z10WJela2u2biSFR380AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOrJNHWI_6RxdDQcUenxpzA&google_cver=1
Request Chain 246
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NjEwMjQ2MjkxNDE4MzEz
Request Chain 249
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 250
  • https://um.simpli.fi/gp_match?google_gid=CAESEGNZSAiY55cDdVaIm4jFvXA&google_cver=1&google_push=AavPq0OIT_WxQEogFpRmSqqdzUsRBRboFatu9D5hnXacS0_INpWBDC8S7SU_cgj8cakO1Um1xPevokZoFuCkp_7knRclF1mwnFJL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B09099880924638AF3864DE4963A102&google_push=AavPq0OIT_WxQEogFpRmSqqdzUsRBRboFatu9D5hnXacS0_INpWBDC8S7SU_cgj8cakO1Um1xPevokZoFuCkp_7knRclF1mwnFJL
Request Chain 251
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECME8n6qbbX47c-jqbz8Cs0&google_cver=1&google_push=AavPq0Oi8od4cBXbWOw1MHpEi1iPrkvX-ndHRa4XjytqOA3KoQV2Kxcx5IzUD1bhiwBdIhypq6G106Er7yEhePnCIu72D1bXxnrUNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0Oi8od4cBXbWOw1MHpEi1iPrkvX-ndHRa4XjytqOA3KoQV2Kxcx5IzUD1bhiwBdIhypq6G106Er7yEhePnCIu72D1bXxnrUNQ&google_hm=gwmQsLsNSW-5Gjzqd7A_4tY
Request Chain 252
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESECENO11UQcsaIqX3ZBE_E2k&google_cver=1&google_push=AavPq0O8VcMADnkweNrm0_Kl4L8e6ioMwLbtdgJhL1tEkFqIXqH_YVzfQdL2jzoZzYrmwxBg1z2VTYjSgtO6Jo58qsI0T2RDMhyE6Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0O8VcMADnkweNrm0_Kl4L8e6ioMwLbtdgJhL1tEkFqIXqH_YVzfQdL2jzoZzYrmwxBg1z2VTYjSgtO6Jo58qsI0T2RDMhyE6Q
Request Chain 254
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFdgsZdBIxa1AANG3CRGgYY&google_cver=1&google_push=AavPq0Na8WOupgNuTE714LKMxuHNpm1EoqzUStYLvC39Rh6R1PyooV7wuXRqDmNOihbXcjJLVGelpwErNbRwGFi8dJorZCEDMyPr HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFdgsZdBIxa1AANG3CRGgYY&google_push=AavPq0Na8WOupgNuTE714LKMxuHNpm1EoqzUStYLvC39Rh6R1PyooV7wuXRqDmNOihbXcjJLVGelpwErNbRwGFi8dJorZCEDMyPr&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Na8WOupgNuTE714LKMxuHNpm1EoqzUStYLvC39Rh6R1PyooV7wuXRqDmNOihbXcjJLVGelpwErNbRwGFi8dJorZCEDMyPr&google_hm=bFhoU29qOUZIUmg2WUhTQllwUjc=
Request Chain 255
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDXMjoDVZf9lME-VrBOkIgU&google_cver=1&google_push=AavPq0Pkxt1qcEEqezCQ2C8BJGPymZOaPf_hPbTr2b2t2ggB62KDzmAS8UNiE1FSV9KXXOpeJRzih39yVaE0f29eWSSL8crjc7n4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=VkmeciLcRB5ygdNgzTW4TXRaStY&google_push=AavPq0Pkxt1qcEEqezCQ2C8BJGPymZOaPf_hPbTr2b2t2ggB62KDzmAS8UNiE1FSV9KXXOpeJRzih39yVaE0f29eWSSL8crjc7n4
Request Chain 261
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1&google_push=AavPq0OmVXlAHVIUYjlNHHecTU1ki1u_iHIcYbk9HROdM0FsB7mWcrRWHJBc20-kgaChSyj4NbAAS5OY7aurWFs3GlpA_zj5nlGv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI2MjI4NjAzNzI0ODcwMzMyOA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1
Request Chain 263
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 264
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESECENO11UQcsaIqX3ZBE_E2k&google_cver=1&google_push=AavPq0NbBpVMUzp5H3WTO7okDhzwkruRgJU9r5qJIBJp2NmCcJUFbmhSlTYfw2nMGmUBzxa_uNFuGiyUQKPrMjTkw43dBkenu9f_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NbBpVMUzp5H3WTO7okDhzwkruRgJU9r5qJIBJp2NmCcJUFbmhSlTYfw2nMGmUBzxa_uNFuGiyUQKPrMjTkw43dBkenu9f_
Request Chain 265
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELiYBmlZMG26mnxN1IAE-cc&google_cver=1&google_push=AavPq0M0BMMnpvXYAeBMwalHxCCVZsgprW5py-0cItV1LmHTVrM_3Z5zVTOnwMj6lIhdSViyYn7FCWAxe-ILp8600GMa8I2Msel4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M0BMMnpvXYAeBMwalHxCCVZsgprW5py-0cItV1LmHTVrM_3Z5zVTOnwMj6lIhdSViyYn7FCWAxe-ILp8600GMa8I2Msel4&google_hm=eS1nd3RVYlY5RTJwRUR3MHpGNkpralJZRGdJN213UG9PaH5B
Request Chain 266
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDXMjoDVZf9lME-VrBOkIgU&google_cver=1&google_push=AavPq0MMZ-YNzo3JjdojQGDl2R3WHgCLt7s9XelR9p4oFaLFE3e0VfwgRmW-LxFFkKpQJInJmvnJ626GS5f2l44Me61_hi2IMX_c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qZAHddiFQoB85SIfHW4SynRaStY&google_push=AavPq0MMZ-YNzo3JjdojQGDl2R3WHgCLt7s9XelR9p4oFaLFE3e0VfwgRmW-LxFFkKpQJInJmvnJ626GS5f2l44Me61_hi2IMX_c
Request Chain 267
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEA9UgC_-dx9GebwG_3ZWHS4&google_cver=1&google_push=AavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCDhmSI5xYd6Q_vOnqNOJz0fzyZMeYZk4caQtLeZt2HN0ZDSHhlTA HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEA9UgC_-dx9GebwG_3ZWHS4%26google_cver%3D1%26google_push%3DAavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCDhmSI5xYd6Q_vOnqNOJz0fzyZMeYZk4caQtLeZt2HN0ZDSHhlTA HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A7342227780433450611&exchange=193&google_gid=CAESEA9UgC_-dx9GebwG_3ZWHS4&google_cver=1&google_push=AavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCDhmSI5xYd6Q_vOnqNOJz0fzyZMeYZk4caQtLeZt2HN0ZDSHhlTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTczNDIyMjc3ODA0MzM0NTA2MTE&google_push=AavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCDhmSI5xYd6Q_vOnqNOJz0fzyZMeYZk4caQtLeZt2HN0ZDSHhlTA
Request Chain 269
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1&google_push=AavPq0MDiWmDEOEnHRTdM0ePYjDonh1gSTWh_XQpLhstm92vsrnFV2yAOYtzaZXvlRz-VV8fKPgUIN3ob4ZXccjrobv684dId8izqgcErz7PeLslIC8zd5JXQvRsbbqKOs4wo6-U9kapCe7SijfDhQrNMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkyODQxNzAxNjY1MjAzNjk2MA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1
Request Chain 270
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42GF7xKCda_BGW94r8y1AfUwzQ28Gl8AbTN6EjEBMUsWCffKr-MOAcHjc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42GF7xKCda_BGW94r8y1AfUwzQ28Gl8AbTN6EjEBMUsWCffKr-MOAcHjc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42GF7xKCda_BGW94r8y1AfUwzQ28Gl8AbTN6EjEBMUsWCffKr-MOAcHjc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42GF7xKCda_BGW94r8y1AfUwzQ28Gl8AbTN6EjEBMUsWCffKr-MOAcHjc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 271
  • https://um.simpli.fi/gp_match?google_gid=CAESEGNZSAiY55cDdVaIm4jFvXA&google_cver=1&google_push=AavPq0P1z9qKhm3rW3sX1HhhZb3holnTdqEH7ZeEdxHwl8DL-02UyUBw0rZizfCJKW5ylAhjlSCMdIOXIFi0ng_oW99bLxEG2FGDFcTq3aUergTG_sHBtQyaLtCDSzWFmrHBW-QrxpDm4aFpPMmum8SZpuw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50FCB8F1664C408CB1D2D56BADC2C391&google_push=AavPq0P1z9qKhm3rW3sX1HhhZb3holnTdqEH7ZeEdxHwl8DL-02UyUBw0rZizfCJKW5ylAhjlSCMdIOXIFi0ng_oW99bLxEG2FGDFcTq3aUergTG_sHBtQyaLtCDSzWFmrHBW-QrxpDm4aFpPMmum8SZpuw
Request Chain 272
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESECCNJmll91nfkSfZWHh7wYU&google_cver=1&google_push=AavPq0NaKxR0O0iWpjoeWWc28LcaHKqcvYJoj7bFbpnpzNK0Nrq-r2BIVUwONtHLezKnq7HwOjGELv6OpOunQRtmdxlV7zvBrMamB3RzvOPn6OGFuMqbcbqfGjWIE4WbAUmpT8b1ep9dVbIgVXM1FKzkgWQ HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESECCNJmll91nfkSfZWHh7wYU&google_cver=1&google_push=AavPq0NaKxR0O0iWpjoeWWc28LcaHKqcvYJoj7bFbpnpzNK0Nrq-r2BIVUwONtHLezKnq7HwOjGELv6OpOunQRtmdxlV7zvBrMamB3RzvOPn6OGFuMqbcbqfGjWIE4WbAUmpT8b1ep9dVbIgVXM1FKzkgWQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YjEzMTc5YWEtYmRhNS00MTc0LTk5M2ItZTM1OTA4ZTQ0ZDdk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=b13179aa-bda5-4174-993b-e35908e44d7d
Request Chain 273
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECME8n6qbbX47c-jqbz8Cs0&google_cver=1&google_push=AavPq0N7kcqFtX1mBymZaObwlDmny_oS8oQMeCVVbdnZDjLBdlWFaMIpmRUQr3xKwUs6FAV8TYbV6_bvtm7YwKbG2od2Z0G3dUC7vxV-9mXZjXuz6D-4dcvzJhF4C5F6brhdevQCDm-U9dLgiRiKhHCclO8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0N7kcqFtX1mBymZaObwlDmny_oS8oQMeCVVbdnZDjLBdlWFaMIpmRUQr3xKwUs6FAV8TYbV6_bvtm7YwKbG2od2Z0G3dUC7vxV-9mXZjXuz6D-4dcvzJhF4C5F6brhdevQCDm-U9dLgiRiKhHCclO8&google_hm=83QpSJh0REuVdLzHWuYF29Y
Request Chain 274
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELiYBmlZMG26mnxN1IAE-cc&google_cver=1&google_push=AavPq0Mv1WEExD87_BtRn3BWPZBFhAzcHONeQ9uuxglvJRqzuknpU6Izla3RnwG9d9CB1esoS0IR4ZcK4FN_WvDUOcaXU2OZgqXpa_V1Nab1iVpLems-xlTKk7W68u6VMTr8lpsMhrIuBhoYZXWLZotZYAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mv1WEExD87_BtRn3BWPZBFhAzcHONeQ9uuxglvJRqzuknpU6Izla3RnwG9d9CB1esoS0IR4ZcK4FN_WvDUOcaXU2OZgqXpa_V1Nab1iVpLems-xlTKk7W68u6VMTr8lpsMhrIuBhoYZXWLZotZYAg&google_hm=eS1GbFlQN2xsRTJwR1JBZ2FHQ0NHME12NGF0amJUdFdTSX5B
Request Chain 275
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEA9UgC_-dx9GebwG_3ZWHS4&google_cver=1&google_push=AavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_DiDfu3hQqWAEGwv4MB5GYcY6aFatpDhXNFSVG6ysB-QCqWbl1qXfYDz9VbYM33u1It-wFzhNaPsXOBRVymxg8PfK_AOZOCaL-SOUZqw_Po HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEA9UgC_-dx9GebwG_3ZWHS4%26google_cver%3D1%26google_push%3DAavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_DiDfu3hQqWAEGwv4MB5GYcY6aFatpDhXNFSVG6ysB-QCqWbl1qXfYDz9VbYM33u1It-wFzhNaPsXOBRVymxg8PfK_AOZOCaL-SOUZqw_Po HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A7895670797110204250&exchange=193&google_gid=CAESEA9UgC_-dx9GebwG_3ZWHS4&google_cver=1&google_push=AavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_DiDfu3hQqWAEGwv4MB5GYcY6aFatpDhXNFSVG6ysB-QCqWbl1qXfYDz9VbYM33u1It-wFzhNaPsXOBRVymxg8PfK_AOZOCaL-SOUZqw_Po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc4OTU2NzA3OTcxMTAyMDQyNTA&google_push=AavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_DiDfu3hQqWAEGwv4MB5GYcY6aFatpDhXNFSVG6ysB-QCqWbl1qXfYDz9VbYM33u1It-wFzhNaPsXOBRVymxg8PfK_AOZOCaL-SOUZqw_Po
Request Chain 308
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 313
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7144589798765820768&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 314
  • https://match.adsrvr.org/track/cmf/openx?oxid=344141c0-317d-73f7-c4f5-21e6cc1ed692&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b13179aa-bda5-4174-993b-e35908e44d7d&ttd_puid=344141c0-317d-73f7-c4f5-21e6cc1ed692&gdpr=0&gdpr_consent=
Request Chain 315
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7z10sCo5s0AAM2zJm4AAAAA
Request Chain 316
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQgL5lJGIGA0ks8ADzHou1h_JM8AAAGFmiA-Mg
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG6mpIJk2xzrvnSdTUQtbzY&google_cver=1
Request Chain 321
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 323
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b13179aa-bda5-4174-993b-e35908e44d7d&dongle=0cfd
Request Chain 324
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM4NDU1NTg5MzkyNjI5NjE5MjE2OQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkEyUoGqwLWhdMGwKTo6YI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 326
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM4NDU1NTg5MzkyNjI5NjE5MjE2OQ%3D%3D
Request Chain 328
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4384555893926296192169&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4384555893926296192169&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=705ac2ed-5e5a-46e0-9b8e-590b7622ccc4&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008354815659&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0
Request Chain 329
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4384555893926296192169?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-4DkrPcdE2oQAmyl3qVSnxa6Fvjp63F0_PcnjQGuuzA--~A&dongle=0883
Request Chain 330
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4384555893926296192169 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4384555893926296192169&dcc=t
Request Chain 332
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=754610246291418313&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 340
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 343
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=754610246291418313
Request Chain 344
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=F9hhDRZHCbGFDc8IS1ya_ow0
Request Chain 345
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=F9hhDLZHvYQkgSBUQuS46LNR
Request Chain 346
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1673328083447 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837057233 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b13179aa-bda5-4174-993b-e35908e44d7d
Request Chain 348
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=2825e28a-0c5f-4ecb-a68a-7f115f85bfdc
Request Chain 349
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D23bbb514-9d25-44f8-84aa-c65402d361cc%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
Request Chain 354
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b13179aa-bda5-4174-993b-e35908e44d7d&gdpr=0&gdpr_consent=&expires=30
Request Chain 355
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 356
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=340w14P5R1SzUNAZbWGJcw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=340w14P5R1SzUNAZbWGJcw
Request Chain 357
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCPSBZFV-1X-9I5B
Request Chain 358
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ltwflla4DoOXW6psaCICJ8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2zd09lFE2oI9pvN4izw3pkG7jxdr.LEz0fxV5g--~A
Request Chain 359
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENQU0JaRlYtMVgtOUk1Qg==
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELJJhDqQvXeqItpdRPwP1XY&google_cver=1
Request Chain 361
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhmMjIxMmM1NDM2ZTE3MjFkOTJmZTQ1YWY2YzZlOWFmZGI5Y2Y1Zg
Request Chain 363
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10vBu9BZ6gdpfiiVpkwAAElkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10vBu9BZ6gdpfiiVpkwAAElkAAAIB&dcc=t
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7z10vBu9BZ6gdpfiiVpkwAAElkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC1AsOnGTk6AEGGwBV5zKow&google_cver=1
Request Chain 365
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b13179aa-bda5-4174-993b-e35908e44d7d&expiration=1675920082&gdpr=0&gdpr_consent=
Request Chain 366
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y7z10vBu9BZ6gdpfiiVpkwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
Request Chain 367
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=b41a4b44-2769-166a-67fb1403
Request Chain 368
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=GhuTukodkr8BScngGhDc4B5Lw70BHpPrG026nobP
Request Chain 369
  • https://tg.socdm.com/aux/idsync?proto=index_exchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y7z10sCo5s0AAM2zJpQAAAAA
Request Chain 370
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANo507HeewAACBg8TUHxg&expiration=1674537684
Request Chain 372
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB&dcc=t
Request Chain 373
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b13179aa-bda5-4174-993b-e35908e44d7d&expiration=1675920082&gdpr=0&gdpr_consent=
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC1AsOnGTk6AEGGwBV5zKow&google_cver=1
Request Chain 376
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y7z10wAKnA0gRgAp
Request Chain 377
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688966483&external_user_id=79728dbd-f2c1-418e-a0b6-9f22148d0e2d
Request Chain 378
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63bcf5d3741c1&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63bcf5d3741c1
Request Chain 379
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4262286037248703328
Request Chain 382
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=754610246291418313
Request Chain 383
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_8be1e3c9-2b4b-4274-aa17-a53034e79bb5&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
Request Chain 384
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a9900775-d885-4280-7ce5-221f1d6e12ca$ip$116.90.74.214
Request Chain 385
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_8be1e3c9-2b4b-4274-aa17-a53034e79bb5&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=lXhSoj9FHRh6YHSBYpR7&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23CYNBJW62RZIZEFE2BWLFEFGQSZOBJDOJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Request Chain 386
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1673328083550 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3710609695 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b13179aa-bda5-4174-993b-e35908e44d7d
Request Chain 387
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=GRxl4OxRs7TY&ev=1&pid=558355
Request Chain 389
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c37ce5b0-1968-4ba1-a38e-310b044ed7d4
Request Chain 397
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212075052309978
Request Chain 400
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=b71021a1-f28f-4d18-8e0a-0afcbac8163c&gdpr=0
Request Chain 402
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F2670%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D23bbb514-9d25-44f8-84aa-c65402d361cc%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/2670?gdpr=&gdpr_consent=&us_privacy=&A=23bbb514-9d25-44f8-84aa-c65402d361cc&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=754610246291418313 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F2670%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D23bbb514-9d25-44f8-84aa-c65402d361cc%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID&gdpr=0&gdpr_consent=
Request Chain 403
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
Request Chain 404
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g8bc675a5d2f2478579c&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 423
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=b13179aa-bda5-4174-993b-e35908e44d7d
Request Chain 424
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=ee0463bc-f5d4-4700-b7b5-e8bdeac49805&gdpr=0&gdpr_consent=
Request Chain 425
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y7z10wAKDHVilgAe HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y7z10wAKDHVilgAe&gdpr=0&gdpr_consent=&_test=Y7z10wAKDHVilgAe
Request Chain 428
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y7z10sCo5s0AAM2zJpQAAAAA
Request Chain 430
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y7z10lto6UCP9PkAwtBI5AAA%264988
Request Chain 432
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 433
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 438
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y7z10wAKnA0gRgAp&gdpr=0&gdpr_consent=
Request Chain 439
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5174024033
Request Chain 455
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b13179aa-bda5-4174-993b-e35908e44d7d&gdpr=0&gdpr_consent=

457 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
www.bg3.co/a/ 		51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9e2db11dbbb7dc2aa395fbbadb92da7e4142f428b97bbab4ba9d0b1620eafce5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 10 Jan 2023 05:21:07 GMT
ETag
"cc61-a+lh654WsqGJ1LXY+mr4e3HU83I"
Expires
Tue, 10 Jan 2023 06:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
eef6e50516dd1bc5e94db6685463176f5c05db0d2a21fe90aa3d3a3871a5b8ae
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 10 Jan 2023 05:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72715
x-xss-protection
0
server
sffe
etag
"2335c83c0d5cefcd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 05:21:08 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
76a862dba57901fcc377abc56285bfd9eda47c05a5cb86b80da26cc404d5d50f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 10 Jan 2023 05:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9680
x-xss-protection
0
server
sffe
etag
"e3094a98d196989d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 05:21:08 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5f3d992a8f5c1c422eaa51d219c1459bac9dad5cba9ecb372082de08e47b3944
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 10 Jan 2023 05:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7579
x-xss-protection
0
server
sffe
etag
"44defd1436524ccc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 05:21:08 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
86d85c2fb6c3aef61be2e092f1a809839065e73f948db805ad92eb5eaea8fac8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 10 Jan 2023 05:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31976
x-xss-protection
0
server
sffe
etag
"e8e1d0567eb4b7ef"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 05:21:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
86c0c06ce362d81cd759060e50dd209b03cd34bd708302af0a7a45e7e7c419c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49220
x-xss-protection
0
server
cafe
etag
2933042316537214908
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:08 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45472
last-modified
Wed, 21 Dec 2022 06:34:24 GMT
server
cloudflare
etag
"63a2a8f0-b1a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AA%2FqnNNTJe%2FO0VuOBIQh66l5mP78AJvedg6YKMSKjqBlBmgRYKrOs8rrOexKtUZ9W%2FNcCnWrWLdsjrqxEd1EeU%2BukF%2BXcwiAJgNVavHwUbxVfZpjjz92ZjMXIy0DVjU1Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7872f7adc8aca823-SYD

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 10 Jan 2023 05:21:09 GMT
content-encoding
br
last-modified
Mon, 09 Jan 2023 08:00:32 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
NZ
content-length
9215
expires
Tue, 10 Jan 2023 06:21:09 GMT
adpushup.js
cdn.adpushup.com/42753/ 		543 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
c98846a3eb6200c0618de22dcf90e4d0c0da33ea7bc5a993d1eb58cd3cf77d44

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 10 Jan 2023 05:21:09 GMT
content-encoding
br
last-modified
Mon, 09 Jan 2023 16:37:53 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
x-cf-geodata
NZ
content-length
118716
expires
Tue, 10 Jan 2023 06:21:09 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10177
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKDC%2BogxTOGNd7G0Zcda2RAHLXl9wiiIfEY11aCsLeFV6CiL%2BsDPEaMlCzXaIS6pjeUfqwPcEIrbNeJnXPVoxn4X3Wh5fMe6%2FizIkkOJr7ZiXlwNvwIQgWR2%2FOfLQF%2FE5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7872f7afac26a823-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
5a1cb867ee7ef9bede0243b7b020a3d9e4d28add39dda05762f79e1669450058

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 05:21:09 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
5a1cb867ee7ef9bede0243b7b020a3d9e4d28add39dda05762f79e1669450058

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 05:21:09 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.47824671596379376&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:09 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7906930552868714&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:09 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
93d1ea460ee12ab1fdba72f94cd9c5f319324615ade5d58159043b25aadf877d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119963
x-xss-protection
0
server
cafe
etag
7050401270672169953
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230105/r20190131/ Frame D23D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230105/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
66164
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 10:58:25 GMT
etag
10353107486223812946
expires
Mon, 23 Jan 2023 10:58:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
03977bccd57186dd5b7f0bd552623d97.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/03977bccd57186dd5b7f0bd552623d97.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a3f4ca5974e492c5a804c5a59fa40968.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a3f4ca5974e492c5a804c5a59fa40968.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e2c1d8e3abadb11a065958f58e576912.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e2c1d8e3abadb11a065958f58e576912.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6b7c13f5bd5f9edfdb67483f3daac686.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6b7c13f5bd5f9edfdb67483f3daac686.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
511a77d46f403ae77dc2ea4c13a6aad4.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/511a77d46f403ae77dc2ea4c13a6aad4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c8c82b199518a8088ee53f9ad1e87b37.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c8c82b199518a8088ee53f9ad1e87b37.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
59c8ff4df3f00954d57d220a8acbd0b8.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/59c8ff4df3f00954d57d220a8acbd0b8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
af6238ba6a7e90fd011c8be291b616d1.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/af6238ba6a7e90fd011c8be291b616d1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
49b8e44ed6a38430e18a7916d1253fab.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/49b8e44ed6a38430e18a7916d1253fab.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7c78239dbd972fef1b03efa730a4c0fa.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7c78239dbd972fef1b03efa730a4c0fa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bab833d2015538e51fd698d52089210c.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/bab833d2015538e51fd698d52089210c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7d2810aefe047a6baeba57bd4b446738.jpg
static.bg3.co/imgs/202110/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/7d2810aefe047a6baeba57bd4b446738.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cb6294b8cad90142733fdfe408964c40.jpg
static.bg3.co/imgs/202011/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202011/cb6294b8cad90142733fdfe408964c40.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
133a301826b0df7e02672dfed396c674.jpg
static.bg3.co/imgs/202301/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202301/133a301826b0df7e02672dfed396c674.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
691a2013fbfa8c312a4654d2115c41d7.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/691a2013fbfa8c312a4654d2115c41d7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
eb4e8a4eadf23153513f29d30d30c67e.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/eb4e8a4eadf23153513f29d30d30c67e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
df03fd1c2ab1eb75557afbc48ec3d3fb.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/df03fd1c2ab1eb75557afbc48ec3d3fb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
37ee0dfae4412f851102bed4defa795a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/37ee0dfae4412f851102bed4defa795a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c0a6282bfd7d8ef416d26b12f2feed2a.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c0a6282bfd7d8ef416d26b12f2feed2a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
af9b8afa1e56252d04aac3c7b2b66859.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/af9b8afa1e56252d04aac3c7b2b66859.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c854904ff9b174279124c373152be17b526b1f829856f24d6de4b89c7446c413
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Jan 2023 10:02:39 GMT
age
69512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2984
x-xss-protection
0
server
sffe
etag
"b39fe751b85842c3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 09 Jan 2024 10:02:39 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
987cf494483d44d5e01fe5928229625d7536ed129be62d788091bf001443f9ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Jan 2023 15:46:49 GMT
age
48862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
server
sffe
etag
"57f88572ba60044c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 09 Jan 2024 15:46:49 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
37114603e314b43008c3dbe162e09b40cf2cb2a59a20742eca949a04bca77f3a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 08 Jan 2023 09:15:58 GMT
age
158713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23092
x-xss-protection
0
server
sffe
etag
"4ee34b5363236044"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 08 Jan 2024 09:15:58 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
716f1711544128b1eb374f62b2ce9d2635443e1f42a02c538f3b1d882c46896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
466
x-xss-protection
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:12 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNiH9J0GEogBCiQ3YWIxNTljMS0xZDJhLTQ2MTItYTA2Mi1hOTUyNWQ0MGE0NmIQ+OiCoKvU+wIaBgjI6/OdBiINMTE2LjkwLjc0LjIxNCioswMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDJiZTcxMGNlLTM4MzItNDEzYS04ZGExLTEyMmQ2MWEzZjlmZBi46QEiGAgCEhRjZHMyMTAubGEzLmh3Y2RuLm5ldA==.v+YL5zW7kfVS5K6pL3nyDOvZ3yEl5Qobs1G7KJX+ACU=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1673328072.dop064.la3.t,1673328072.cds204.la3.hn,1673328072.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7474 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
c4d3edd5b9ea4d0147ee80cfadccc567bae177fd3278b1b3c36f3fe0f57cca04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34035
x-xss-protection
0
server
cafe
etag
15441393591223481616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 50CB 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
98fb9f77fc0aee18e050d7e800044a17a6e788f5a345f84d1ac65da178142d7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34067
x-xss-protection
0
server
cafe
etag
4619383509992061747
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:10 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
b7c80316a514c0892bcf6f6c1966a463dfbb379d97c0fdcefb666408f17ed0dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 07 Jan 2023 23:16:00 GMT
age
194711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10297
x-xss-protection
0
server
sffe
etag
"6829dd3b11eb1a2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 07 Jan 2024 23:16:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1DE9 		714 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
7283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7872f7b66f50556f-SYD
content-encoding
br
content-type
text/html
date
Tue, 10 Jan 2023 05:21:10 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1K5qIdyF%2Bry%2Bq%2BszX9YWPk2i6Wl0ERkq8thhczbeeZqtRfvfNose3NU4giT8nIMlG7Q3u9dEcl5qbg97mQFrEp8gu4ShzImUpLCyr6Rjw0sB3T2PPgXUfbf2HZGP3qFig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 05:21:12 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame A690 		714 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
7283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7872f7b67f5b556f-SYD
content-encoding
br
content-type
text/html
date
Tue, 10 Jan 2023 05:21:10 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfjKivmHVeZP8JY5oQ1vRQHYDph25lyQkr2upfOKo5P7B2EbL2QLNUWPrvJIK2Pzny4udHMLc30znFLlurp4zE5f4dOO3X7gkXWG406EAnT5%2BCBhgg4KEKgCp3QMD1OHCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:12 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNiH9J0GEogBCiRjZTkyNmNjZS0yYjBiLTQ0NDItODliYi01OWY1YjBkNzFlZmUQ+OiCoKvU+wIaBgjI6/OdBiINMTE2LjkwLjc0LjIxNCioswMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDFiYmM3MTA1LTEwZTAtNGY3MC1hYzU2LWI3ZmIxYjAzZDM5ZBib8QEiGAgCEhRjZHMyNjcubGEzLmh3Y2RuLm5ldA==.ICBZ7TFww5pSmovwyrJUXtiC21YhWa0gsTwtyyzG0/o=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1673328072.dop064.la3.t,1673328072.cds204.la3.hn,1673328072.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
gtag.json
cdn.ampproject.org/rtv/012212151632002/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Jan 2023 09:29:22 GMT
age
71508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"83a6a9d640e3080e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 09 Jan 2024 09:29:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1DE9 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
91d5e7bbab815f660291f1b61c978c270f288cf5e199aacb3ae5e2c6636fe2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27620
x-xss-protection
0
server
sffe
etag
"1447 / 719 of 1000 / last-modified: 1673305654"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 10 Jan 2023 05:21:10 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A690 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
83b5c380b2e7d30e8942597cbfb273886d9fe8807055e97fc0b8656ed17cf9ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
etag
"1447 / 976 of 1000 / last-modified: 1673305576"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 10 Jan 2023 05:21:10 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ Frame 50CB 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
aff96f1b56b04d0010d875affd6e269c3d55984a54ce4544037dbb6c89854b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119970
x-xss-protection
0
server
cafe
etag
13959092926821122003
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:12 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 10 Jan 2023 05:21:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 7474 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
1ad285613aa1a67772ec481eeace5881f2fa839ccacf71655c7eb3fbf6b14524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119958
x-xss-protection
0
server
cafe
etag
509972221141722823
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:12 GMT
pubads_impl_2023010901.js
securepubads.g.doubleclick.net/gpt/ Frame 1DE9 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010901.js?cb=31071518
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
1029b050487059828b253f9da4693cbf8a28067c5f9bf0bbef108b3ff1b0ed7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 11:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132144
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 09:38:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Jan 2024 11:54:57 GMT
cookie.js
partner.googleadservices.com/gampad/ 		379 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-5961800537962381&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
1ff56242d20225348e6e8a4fc705f18ea64f6f585b87ede4876f14a0a649e9e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6E0C 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1673328071&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328069066&bpp=2&bdt=1407&idt=2529&shv=r20230105&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8508248951007&frm=20&pv=2&ga_vid=413814887.1673328072&ga_sid=1673328072&ga_hid=1623422492&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071374%2C44779794&oid=2&pvsid=931296478709036&tmod=2041207282&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2551
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:12 GMT
expires
Tue, 10 Jan 2023 05:21:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2023010406.js
securepubads.g.doubleclick.net/gpt/ Frame A690 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
93a8a44cca820f9a7aa320974a3b8026218839c9829e86d4cff4eaa3b645a45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 12:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132776
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 18:33:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 05 Jan 2024 12:52:44 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0fddacb1b4b94539fcb975e43c63d6b8fb2257f1c6cdefa318d156d4e5a57374
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:19:14 GMT
age
460918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57948
x-xss-protection
0
server
sffe
etag
"beb5ab581ca1065f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:19:14 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%BB%A2%E6%A3%8430%E5%A4%9A%E5%B9%B4%EF%BC%81%E8%A5%BF%E7%8F%AD%E7%89%99%E6%95%B4%E5%BA%A7%E6%9D%91%E8%90%BD%E5%94%AE%E5%87%BA%E3%80%80%E5%8F%AA%E8%B3%A3980%E8%90%AC%E8%87%BA%E5%B9%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-F78C2O-FoJgQHME0We5CQQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.3976608826202517&gjid=0.8062463295147577&_r=1&a=8941&z=0.7382816181841576&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fbd1e8b96c46848db89a70d3e4612e5ac22b113200bc3b376094eeed4cd0e3fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 10 Jan 2023 05:21:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7860
x-xss-protection
0
server
sffe
etag
"ccc714ecb8377507"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 05:21:12 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 1DE9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010901.js?cb=31071518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1DE9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010901.js?cb=31071518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1DE9 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23465460699080&correlator=2077045177536286&eid=31071518&output=ldjh&gdfp_req=1&vrg=2023010901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1673328072648&lmt=1644386353&dlt=1673328070232&idt=2386&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=q46fsluc3qg6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1458370214.1673328073&ga_sid=1673328073&ga_hid=1964961355&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010901.js?cb=31071518
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
559f0cc9f561de44bd5ca1ad9e785337e39da6802dc6797a9783e857f0c2319c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bd482e59e60f82a4bb7d0d68a90a60f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3AD1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd482e59e60f82a4bb7d0d68a90a60f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010901.js?cb=31071518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:13 GMT
expires
Wed, 10 Jan 2024 05:21:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame A690 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A690 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A690 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1022571447368023&correlator=3453028046446301&output=ldjh&gdfp_req=1&vrg=2023010406&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1673328072888&lmt=1644386353&dlt=1673328070240&idt=2624&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=w3mbi8ib8j78&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=358856739.1673328073&ga_sid=1673328073&ga_hid=1866653344&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
b50ba243cc1e448968d4401a4e7bdba22913e7e04e3323526a5af490c040d130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b7a584a546293368b63b65de32bc0d75.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 58A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b7a584a546293368b63b65de32bc0d75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:13 GMT
expires
Wed, 10 Jan 2024 05:21:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
block.jpg
delivery.adrecover.com/ 		281 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1673328072970
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
Akamai Image Server /
Resource Hash
b0447f99586ad7bcddc943fd1a63af9d89f73f50e70657d0a2ed76ff7c2d6c4c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-image-server-fetch-real
32
date
Tue, 10 Jan 2023 05:21:13 GMT
x-image-server-cost-real
13547
x-akamai-im-skip-dlr
1
x-image-server-cpu-estimate
9
x-image-server-response
request-5686583-15578451-270660ed
x-akamai-device
mobile:false&tablet:false
x-image-server-cost-estimate
13547
content-length
281
x-image-server-product
AIC
x-akamai-country
NZ
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
Akamai Image Server
x-im-policy-version
1
x-image-server-cpu-real
9
etag
"60d2d6c2-277"
x-image-server-store-time
1673328073
x-im-result-width
1
x-im-original-width
1
access-control-allow-origin
*
content-type
image/jpeg
cache-control
no-transform, max-age=3600
x-image-server-original-size
631
x-image-server-fetch-estimate
43
expires
Tue, 10 Jan 2023 06:21:13 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-23567834523559408810.ampproject.net/2212151632002/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-23567834523559408810.ampproject.net/2212151632002/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
94168
expires
Wed, 10 Jan 2024 05:21:15 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=10
content-length
211
expires
Wed, 10 Jan 2024 05:21:15 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-length
18371
expires
Tue, 10 Jan 2023 06:21:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
9697747e20cb0eb6000cec026d3ec5439e0e5fb2ea8ef5d94d08482bc5211e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27661
x-xss-protection
0
server
sffe
etag
"1447 / 4 of 1000 / last-modified: 1673305576"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 10 Jan 2023 05:21:13 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:14 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame 50CB 		379 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
835af589ef43184d6e6ce1d6cdc4e5d48d93ada3bffe9858ff94c939bbe0be74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 50CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 50CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame 77F1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673328073&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
480
content-length
673
content-type
text/html
date
Tue, 10 Jan 2023 05:13:30 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-id
POInTFzbLr5LDU5qaUy0Tu2OupQDeo6woCNpbKeA57dUc75307xv7g==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:13 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 7474 		379 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
3f6bd0c36a51c72ee289c76955304428488b40576019c7996c1c02f045fefeda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 7474 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7474 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame EFE0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1673328073&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
480
content-length
673
content-type
text/html
date
Tue, 10 Jan 2023 05:13:30 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-id
i__LwKWWI_-tMzYJ8SGbZRohytoDWgT9VlNOGmkuwU2T26P6OQDtfg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:13 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzMzMjgwNzM0MzIsInBhY2tldElkIjoiMDAwMEE3MDEtODQyZWE5MTYtZjNiYS00YmFjLTg4ZjAtMTIxMWEyODRjMzhlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZlaS1xaS0zMGR1by1uaWFuLXhpLWJhbi15YS16aGVuZy16dW8tY3VuLWx1by1zaG91LWNodS16aGktbWFpLTk4MG1vLXRhaS1iaS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=7254.199998855591
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:14 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzMzMjgwNzM0MzIsInBhY2tldElkIjoiMDAwMEE3MDEtODQyZWE5MTYtZjNiYS00YmFjLTg4ZjAtMTIxMWEyODRjMzhlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZlaS1xaS0zMGR1by1uaWFuLXhpLWJhbi15YS16aGVuZy16dW8tY3VuLWx1by1zaG91LWNodS16aGktbWFpLTk4MG1vLXRhaS1iaS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=7255.199998855591
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:14 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzMzMjgwNzM0MzIsInBhY2tldElkIjoiMDAwMEE3MDEtODQyZWE5MTYtZjNiYS00YmFjLTg4ZjAtMTIxMWEyODRjMzhlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZlaS1xaS0zMGR1by1uaWFuLXhpLWJhbi15YS16aGVuZy16dW8tY3VuLWx1by1zaG91LWNodS16aGktbWFpLTk4MG1vLXRhaS1iaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=7257.299999237061
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:14 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:15 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
10662
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Tue, 10 Jan 2023 09:21:15 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzMzMjgwNzM0NDAsInBhY2tldElkIjoiMDAwMEE3MDEtODQyZWE5MTYtZjNiYS00YmFjLTg4ZjAtMTIxMWEyODRjMzhlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZlaS1xaS0zMGR1by1uaWFuLXhpLWJhbi15YS16aGVuZy16dW8tY3VuLWx1by1zaG91LWNodS16aGktbWFpLTk4MG1vLXRhaS1iaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=7262.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:15 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzMzMjgwNzM0NDIsInBhY2tldElkIjoiMDAwMEE3MDEtODQyZWE5MTYtZjNiYS00YmFjLTg4ZjAtMTIxMWEyODRjMzhlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZlaS1xaS0zMGR1by1uaWFuLXhpLWJhbi15YS16aGVuZy16dW8tY3VuLWx1by1zaG91LWNodS16aGktbWFpLTk4MG1vLXRhaS1iaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=7264.699998855591
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:15 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame F9AC 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-815366635365156990&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3117&oid=2&is_amp=5&amp_v=2212151632002&d_imp=1&c=78205008941&ga_hid=1623422492&dt=1673328073457&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&bdt=5798&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1DE9 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010901.js?cb=31071518
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
6865fe4a5f3af2b883265c65455aa18d37dd897a265e87cec086a7b87d821906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12289
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A690 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010406&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
0aca2603667c882dc28b75ddd4d9d2c38670dc1a4c7f0df4052412ef4e5bd2b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12258
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1DE9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010901.js?cb=31071518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:16 GMT
pubads_impl_2023010406.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
93a8a44cca820f9a7aa320974a3b8026218839c9829e86d4cff4eaa3b645a45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 12:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132776
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 18:33:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 05 Jan 2024 12:52:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		134 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80
x-xss-protection
0
expires
Tue, 10 Jan 2023 05:21:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A690 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:16 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 77F1 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
c1cb3e8fe8812390284c5c27b79c587e5cb5f549db82a07265e0d82425e12c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34032
x-xss-protection
0
server
cafe
etag
17986194520457556340
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:14 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame EFE0 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
5c6663abf6cda2f47eefc1b625835dd008024bd2d89f625618f1cecf0c705d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34032
x-xss-protection
0
server
cafe
etag
6139624084496629303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:14 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/ Frame 77F1 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
f0bfc7f565ffe2912dd3353025a1a0eb8cce7ed98dc03326b91ebb1f50b79beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119952
x-xss-protection
0
server
cafe
etag
8568478993444920824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:15 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/ Frame EFE0 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
6bf50be3fc61730ad8c07c9cbef19aedc3ac16a37dfc02f3bc2a10fb0568f3d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119958
x-xss-protection
0
server
cafe
etag
15280544036723141011
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:15 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 77F1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 77F1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame 90E5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
344
content-length
801
content-type
text/html
date
Tue, 10 Jan 2023 05:15:38 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-id
iZhXy1kyp99zpsNycNrF13f9xpfhvTdvMZe0u5CglwMIQWi5Iolqkw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:15 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EFE0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=2&sig=1&tms=200&eid=44759876%2C44759927%2C44759842%2C31071375
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame EFE0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EFE0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame 3820
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
344
content-length
801
content-type
text/html
date
Tue, 10 Jan 2023 05:15:38 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-id
p9L55iyQv_bgCNddpEkuXCZHpy_zD8-YfAeLenbgL9Y1M6yHQL3TSg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:15 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230110
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117d5c1b24de6d970924e9cb574d963612127e9cc502c6f0ba97eca6ed9a22a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4786
x-jsd-version
1.0.1582
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-jnb7023-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-69WV/FTicX/nHV8a3njK36jD0/Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnmmJbBYfLAkRj%2BFpaOBjpQQKB%2BmfFILazBhcA2jSlPtlUKzSNmM0zPCTg%2BUcVmbXG0FhvUeNi%2FB%2BveZ2tkxEIQZ3wodYug7Z1oQF3wlmFctaj6BaY23w7QnKP6ofpoRqfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7872f7dc6f7ba8aa-SYD
cygnus
htlb.casalemedia.com/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22110515733e3b18%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22891e925a032b86%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2211976b2138849e2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2212803c962cc5d25%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7ed7e99-98fa-4c00-9e23-e90ea839e56f%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74492d6993a5e776dcd59cf63d65533ea6ea1397a97fb1c227a543a2f64f829c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PowgY4kXVDfleD0i1ExEUnk%2BITO65gVP%2FUZiSbyux8Wm9fjDlefF0PilJ3gqYTMAc%2BJCvpnCraMNzoRPRwIHDC3lTLZ%2FwOEqLqAFqFHpgcV6%2B3tmhXhNL5ApgXCHEXfDwbv2%2BEUB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7872f7dcad98dfc1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22110515733e3b18%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211976b2138849e2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2212803c962cc5d25%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7ed7e99-98fa-4c00-9e23-e90ea839e56f%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa5de37110c316dd3b5898a81b5865b9fcbaab4cd21880b84f407ef9d0106f6

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GSaV%2FM56epWPL8n2etPPPhpxDf8e4Q2GrGKk9%2Fty1BJaaLfHFTGF4xzB6YNe3oZ%2FoQnTUs%2BHg0D605y7KRNyS4S%2BOqYrzuAbj1l%2FqKGdgZk8gf6tKxftGDGPZBTatCuZmm1WE8U"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7872f7dcad9edfc1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
prebid.media.net/rtb/ 		32 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
via
1.1 google
server
nginx
content-type
application/octet-stream
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
clear
content-length
32
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
75412b71cd61566fbeb2ed5a246ea5974018ba898a5e92d8b3d00ca14a8762de
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:16 GMT
AN-X-Request-Uuid
84d656dd-1ee7-4312-becb-67abaaa9d33f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
64f3c0c3d05801adbcc0101b51101d92e9c4307db73909974b1dd0e0d0427a55

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 10 Jan 2023 05:21:16 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid-request
a.teads.tv/hb/ 		16 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.137.72 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 10 Jan 2023 05:21:17 GMT
adreq
ads.servenobid.com/ 		608 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=137
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.124.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-124-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
60648cb246ce4141867e508bce0a2c82feae1415a695e7cb96acfc6acc7705bd

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=81941527763
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
arj
adpushup-d.openx.net/w/1.0/ 		173 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=effbd640-06bb-425b-a433-4277a741f2a1%2Cd4924b2f-fd08-4b65-bdd6-c41d0854b372%2C8916307b-41d1-4a3c-aacd-3be33cff9254&nocache=1673328075913&pubcid=e7ed7e99-98fa-4c00-9e23-e90ea839e56f&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
dca1557fd3dfb501a424284bb116ff38ba1ad5ef89f386da52e0ad334c8d5ecb

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7bd92f34-545b-4c27-8ec4-75fa340d77b3&nocache=1673328075914&pubcid=e7ed7e99-98fa-4c00-9e23-e90ea839e56f&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c9fa3474-c39a-4961-b0db-b4ff3602d34f&nocache=1673328075914&pubcid=e7ed7e99-98fa-4c00-9e23-e90ea839e56f&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b0b32a16-8a45-42af-bc1b-e5a561e1d72f&nocache=1673328075914&pubcid=e7ed7e99-98fa-4c00-9e23-e90ea839e56f&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 10 Jan 2023 05:21:16 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.48.74 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-48-74.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:16 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.158.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-158-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
65009a56b9e619dfe3d842084fd93cd1b2fd2d45ec3c12964be2db5866052327

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.158.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-158-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
352006807666deea7726b8c08b8b44488937ac2a6ea3c8c8ce17a33f6fbef0a9

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.158.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-158-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
dfdfea69022194841bb0782b2a924a1d5e002d08838c2ea725071989da789b15

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=e7ed7e99-98fa-4c00-9e23-e90ea839e56f%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=b70c3eb2-c4f2-4f00-a062-e5b862a5d351%3Bdee0a6bf-6e50-4f14-9cf4-ae534d790c8a%3Bf61ecfc3-c1ba-4b74-84c7-110161ac2a68&l_pb_bid_id=739f88328a4d1ee%3B74850b635f10a2e%3B75c169c3b7d53e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.3282191189744723
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
502d8226205ff7c90825d5ac4f9139551c149abb6b6c89315de9fb3f3ada3554

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.44.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-44-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
7
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
etag
"WQX8ubvDGl3DCUDHzxu0sA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 17 Jan 2023 05:21:18 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 90E5 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
f5fdb8be98665e4e56b4125b819ebd823434114ad1262ea85e4def6c6427c82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49342
x-xss-protection
0
server
cafe
etag
5972663573038081005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3820 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
0ab2aa62f861a9352a46154b60552333409c7ead1c305c35c009417950f350ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49341
x-xss-protection
0
server
cafe
etag
1258853959870132497
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D592 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
161560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 08:28:36 GMT
expires
Mon, 08 Jan 2024 08:28:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9FF5 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
5b49111156985107f74c1b64f7c9a67ba5d11adacb896cbc87ae0d8afce78ae5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QIG3nv9ab6qCTZTDhEDwPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-QIG3nv9ab6qCTZTDhEDwPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:17 GMT
expires
Tue, 10 Jan 2023 05:21:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60BB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
161560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 08:28:36 GMT
expires
Mon, 08 Jan 2024 08:28:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9C80 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
e187350764f572e3fa3e66cba6dd7c6d932d28cc9350217937e6c2c146eccc62
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-70YaFQmynljpesQUd0FaCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-70YaFQmynljpesQUd0FaCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:17 GMT
expires
Tue, 10 Jan 2023 05:21:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ Frame 90E5 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
aff96f1b56b04d0010d875affd6e269c3d55984a54ce4544037dbb6c89854b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119970
x-xss-protection
0
server
cafe
etag
13959092926821122003
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:16 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.146.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-146-17.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvZmVpLXFpLTMwZHVvLW5pYW4teGktYmFuLXlhLXpoZW5nLXp1by1jdW4tbHVvLXNob3UtY2h1LXpoaS1tYWktOTgwbW8tdGFpLWJpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvZmVpLXFpLTMwZHVvLW5pYW4teGktYmFuLXlhLXpoZW5nLXp1by1jdW4tbHVvLXNob3UtY2h1LXpoaS1tYWktOTgwbW8tdGFpLWJpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 10 Jan 2023 05:21:17 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=225
content-length
555
expires
Tue, 10 Jan 2023 06:21:17 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050104/ Frame 3820 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050104/show_ads_impl_fy2021.js?bust=31071387
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
6bba87644aeb0710b10ef28a67ec39cb837f8c0e13a3b0785f61c8bd64d552de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119969
x-xss-protection
0
server
cafe
etag
2315034276872500744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 05:21:17 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame D592 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 60BB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 90E5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 90E5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D89 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328076748&bpp=4&bdt=596&idt=403&shv=r20230105&mjsv=m202212050101&ptt=9&saldr=aa&nras=1&correlator=7271324632331&frm=8&ife=1&pv=2&ga_vid=1665242101.1673328077&ga_sid=1673328077&ga_hid=201472305&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773810%2C31071366%2C31071399%2C44773747&oid=2&pvsid=108627130740098&tmod=1501451890&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.51isdm9nkg8r&fsb=1&dtd=411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 510B 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328076752&bpp=1&bdt=601&idt=412&shv=r20230105&mjsv=m202212050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7271324632331&frm=8&ife=1&pv=1&ga_vid=1665242101.1673328077&ga_sid=1673328077&ga_hid=201472305&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773810%2C31071366%2C31071399%2C44773747&oid=2&pvsid=108627130740098&tmod=1501451890&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.bfx55ty7vm83&fsb=1&dtd=416
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9FF5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023010901&jk=23465460699080&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9C80 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023010406&jk=1022571447368023&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.co.nz/adsid/ Frame 3820 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050104/show_ads_impl_fy2021.js?bust=31071387
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3820 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050104/show_ads_impl_fy2021.js?bust=31071387
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 964F 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520751&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328077016&bpp=3&bdt=810&idt=404&shv=r20230105&mjsv=m202212050104&ptt=9&saldr=aa&nras=1&correlator=292469716514&frm=8&ife=1&pv=2&ga_vid=2016053148.1673328077&ga_sid=1673328077&ga_hid=1279318029&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071387&oid=2&pvsid=2728621662198204&tmod=313398691&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.3u0y03z5l6a3&fsb=1&dtd=420
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050104/show_ads_impl_fy2021.js?bust=31071387
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D9AF 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093739&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328077019&bpp=1&bdt=813&idt=423&shv=r20230105&mjsv=m202212050104&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=292469716514&frm=8&ife=1&pv=1&ga_vid=2016053148.1673328077&ga_sid=1673328077&ga_hid=1279318029&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071387&oid=2&pvsid=2728621662198204&tmod=313398691&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9t0jamhxhsq4&fsb=1&dtd=427
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050104/show_ads_impl_fy2021.js?bust=31071387
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 90E5 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230105&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ab523d8c673b76a1d12c1eaf5031ff7da032d2244bc3586ea688c1dcabac8df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12220
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 77F1 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230105&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
0bb4c8810c0d04b3d1d1e0995c02f11339d8083a65ffb19208574888ccdaba27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12452
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 50CB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230105&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
87e14f7f88e7c4cc385aa2a8d350afa057cbeac74ea3cba4d2df129dc24a5065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12394
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bc2641f77863669945442b1e5298838ff101a637eca6488d4b7105248f2dc965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80318
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 10 Jan 2023 05:21:18 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.146.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-146-17.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3820 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230105&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050104/show_ads_impl_fy2021.js?bust=31071387
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
7f8d63a9dd5487f69d950c0c2ce5ce11fe2f06d619cc87c6fdedff1fd8d31af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12278
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame EFE0 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230105&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
899ed594842c7f0bdc354bd1a9f6fd90daa0738b309370a6e9bfb91bdb735b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12269
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7474 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230105&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
4398e2ae44d67d9b686804de952de2090998f3d78d05429937bda47a685eb2ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12368
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 77F1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 90E5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 50CB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3820 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050104/show_ads_impl_fy2021.js?bust=31071387
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EFE0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050102/show_ads_impl_fy2021.js?bust=31071375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7474 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071374
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
161562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 08:28:36 GMT
expires
Mon, 08 Jan 2024 08:28:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 107E 		783 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
d593255966e8e7f3c9cc4404f77cb1de8ad60d42e4c9503d2aa61cc110f77cab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-niXkiYrfFTAY1g9VHVnWBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-niXkiYrfFTAY1g9VHVnWBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Tue, 10 Jan 2023 05:21:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9mZWktcWktMzBkdW8tbmlhbi14aS1iYW4teWEtemhlbmctenVvLWN1bi1sdW8tc2hvdS1jaHUtemhpLW1haS05ODBtby10YWktYmkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTg0MmVhOTE2LWYzYmEtNGJhYy04OGYwLTEyMTFhMjg0YzM4ZSIsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYmRjNzEzY2MtNTEyZC00MjJiLThjMTMtZWZjOWM0ODlhODY2IiwidGltZU9mQXVjdGlvbiI6MTY3MzMyODA3NTg4NSwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYmRjNzEzY2MtNTEyZC00MjJiLThjMTMtZWZjOWM0ODlhODY2IiwidGltZU9mQXVjdGlvbiI6MTY3MzMyODA3NTg4NSwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImJkYzcxM2NjLTUxMmQtNDIyYi04YzEzLWVmYzljNDg5YTg2NiIsInRpbWVPZkF1Y3Rpb24iOjE2NzMzMjgwNzU4ODUsImJpZHMiOlt7ImNwbSI6MC4wMSwiYWRJZCI6IjgyZmM2NGM4MDM0ZWFiOCIsIm9yaWdpbmFsQ3BtIjowLjAxLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY0MywidGltZU9mQmlkUmVjZWl2ZWQiOjE2NzMzMjgwNzY1MzV9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiaXgiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6IjgyZmM2NGM4MDM0ZWFiOCIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMX1dfQ%3D%3D&c_b=12052.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:18 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		180 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=931296478709036&correlator=122279334685443&eid=31071368%2C31069125&output=ldjh&gdfp_req=1&vrg=2023010406&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=2&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D82fc64c8034eab8%26hb_ap_bidder%3Dix%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D225f015628a9c403-2251ffb53ad900b1%3AT%3D1673328074%3ART%3D1673328074%3AS%3DALNI_MboInCw5vK3ykQLvQTUnmC1_AOGYQ&gpic=UID%3D00000ba11f16a183%3AT%3D1673328074%3ART%3D1673328074%3AS%3DALNI_MYiZUDLftZ5mfkay6KWY2moTtnrww&arp=1&abxe=1&dt=1673328078248&lmt=1673328078&dlt=1673328067659&idt=8276&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=413814887.1673328072&ga_sid=1673328072&ga_hid=1623422492&ga_fc=false&ga_cid=amp-F78C2O-FoJgQHME0We5CQQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
f31ef1a393c40b11520c985e323ea3d5385e1193cb97edc86b5b76643df641e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62315
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D720 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Wed, 10 Jan 2024 05:21:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B432 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
161562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 08:28:36 GMT
expires
Mon, 08 Jan 2024 08:28:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 96C6 		783 B
745 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
016ba1c3bbbc25db9be88ab9366cca139018081e82b880bc0c81babffe5dbfb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z7WKzfIqPjHgNbfROf5Gqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-Z7WKzfIqPjHgNbfROf5Gqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Tue, 10 Jan 2023 05:21:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64E2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
161562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 08:28:36 GMT
expires
Mon, 08 Jan 2024 08:28:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DC6D 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
711e54109acf1b8c97d4a5466d72a326e0714e60e7fae02a4d8539624c55a0e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b6Ul6a3p6wqMnD4_BSKufw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-b6Ul6a3p6wqMnD4_BSKufw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Tue, 10 Jan 2023 05:21:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 05D8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FC2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
161562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 08:28:36 GMT
expires
Mon, 08 Jan 2024 08:28:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 952B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
12cff58f0b543145aa62b2a1f5ebc05db6bc99dcafb2a76bcc48deda859ce887
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2VGvvH-NZAYgsPAnXsK_oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-2VGvvH-NZAYgsPAnXsK_oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Tue, 10 Jan 2023 05:21:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame B432 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A158 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
161562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 08:28:36 GMT
expires
Mon, 08 Jan 2024 08:28:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9CDF 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
7e10a541410033a6369957b21ae7bbb0ed82ade7a45ea97432ba15bc8f8054c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QOflAh8DEajljrYEpPxJuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-QOflAh8DEajljrYEpPxJuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Tue, 10 Jan 2023 05:21:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F46 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
161562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 08:28:36 GMT
expires
Mon, 08 Jan 2024 08:28:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 60F3 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
320e149bdbdf0339d9b41b1e6095b6dba5ea37829166d92dadb273f45c02e098
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SG-upKcUQNTmMUgOk2V0jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-SG-upKcUQNTmMUgOk2V0jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Tue, 10 Jan 2023 05:21:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 04:53:38 GMT
via
1.1 75d57b6f1d28b9be49fef8fc0aa4a23c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1662
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
gtpfjkPOkVapqSuo0YHA8v1Gbdp840QlIuO3f_Fm0-BI7-wklfi9jg==
sodar
pagead2.googlesyndication.com/pagead/ Frame 107E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230105&jk=581035714307704&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 64E2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 96C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230105&jk=108627130740098&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 7FC2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Jan 2023 05:21:19 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame A158 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 2F46 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DC6D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230105&jk=2728621662198204&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 60F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230105&jk=3731464552959137&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 952B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230105&jk=3052707452398066&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9CDF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230105&jk=1765725156878927&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1965 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Wed, 10 Jan 2024 05:21:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 395D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Wed, 10 Jan 2024 05:21:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1897 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:18 GMT
expires
Wed, 10 Jan 2024 05:21:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe190&_p=1623422492&cid=413814887.1673328072&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673328079&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html&dt=%E5%BB%A2%E6%A3%8430%E5%A4%9A%E5%B9%B4%EF%BC%81%E8%A5%BF%E7%8F%AD%E7%89%99%E6%95%B4%E5%BA%A7%E6%9D%91%E8%90%BD%E5%94%AE%E5%87%BA%E3%80%80%E5%8F%AA%E8%B3%A3980%E8%90%AC%E8%87%BA%E5%B9%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1262448252;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc5...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1262448252;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1509787654-1673328078794;pbc=e7ed7e99-98fa-4c00-9e23-e90ea839e56f;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1673328079559;tzo=0;ogl=;ses=94a0c5e6-4c5d-4819-8991-ee47bbda24c7
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1DE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023010901&jk=23465460699080&bg=!0dKl0pbNAAYDMoyoIzI7ACkAdvg8WnRaVsPn5BXmVKiz-aWfiWFYczi6Sm2lSWGC6FSow2yvExQRbQIAAACoUgAAAANoAQcKAAP1zfKZAsAGIAm9oqBxgwMGe5nGwl7ZB_HNKdqXrfL54NYOn6G1UjKe1knMH0Px7x8y0uom86QY0Xngd_r6BBM11aOGFAHYRWTDK68SEJdeZkLpr2Gqu8pD778RbkcCfQQsrpHxqKS5BBT5tAZRTqAK5oHIJpfrWAVwg8WZOBgYM-slo2HAaZacb8AnPO-e_VNGEDoEtCqYjISnB4q22rcpcmX0kiBzGVom2mALA8TT8UQcXe8rh1kC7N5dfRtpdckuTL5dkq46ItE0672tA4U-isTyXjiOniG8JyCHCFcikkYyw99D8QVdWQ6GAyWdArcBxrNWK7s3GXxtv9y73djRmjB4Tt9L4Z_W3KwqN8_tEUMAmRH3RShPaKEVCPR2GWqMcFm2XYbRqeRDc4n9lzlQCZG5Waaz-Jt3mutMzv94so4xWLLG1FQ6yoGDLJlmB68CvtdCDSB2lXyrt2xUbkupz9sM0yZdbetl3W08CKP_YtZSB5C_-ElTh8ND9H3TZkXBjgi-1GEAp_aOdxO-J_WMaCIbnDHCk-20JKkdD6WGUDR3mC-WYvFio6VzLBHyqH7LwdWa-tSOTedcC1NDZNLIOWHLjnoWmVMn-EsTglbPjKcVKINDRQPNj1G-fo6fhQA_XZRPnUW_Spp2HzcKUQMUkC23ejpviJh30vXPkEw8gWPqR4ks6AyWCVWsTcoAFb4xRkH5JULyvwq4J9vNWHW9mQfbxgIjSETWAMgTSRtTQOrI8A0jgsMXm9NdYKnZxp09RgVLGPdaIfDt4Dw3m_39tuY-cXLHFZtN6WajN6T3pPJls_NRyHXjRACPo19eEbO4SlwWzlkyPb4bgIF19DfF3fd_itcWdzrSMV5Fj6Qdy9KY6FuE6vs5WcPKou8wwoAxaBLFxDnV6NO-GQo7fO5nw2XWug-DHg0-AYnSyNtr_xqEfsBcdA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A690 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023010406&jk=1022571447368023&bg=!XV6lXhrNAAYDMoyoIzI7ACkAdvg8WmbrSeE4-9c6FEopPy6HyRb4XedxQlhIHv8Te-XXlWlKVlyFwAIAAACSUgAAAARoAQeZAr3ugpFFagDCx9k_2NGGOaSZLW650zw64H07Wfy9T-J41dpJm6397oconKw9oz-DxfW0XlUAU0sHMUUxGeoiTbrTnNVU2slnomFawHIGjLg80PCJH-BI_6Hoxa8AnGEj1TzWwiAEdWCbMXiGwnjTpVMDyOR2diQu5wvWLaNllDA_NPPcvTQm0DbBseJwpBTACFZJxW7zl35Wjlnoaht55NYbAwZU8BSOrFqpfw3Ct2W4Rf2VUdrcqaoBpmhd3p_ERrhoRUjHvEyHMxcTTO_CxrVnyIMm3X-3PL6emAFwSNCIpA2nGREDTJzo31kggkLqIpZZLP9os0b8gEAl1JasJFPFZ1HnyA-FFTkjkH7x_A1gIc2aBmFjjQDyNO9B71dTgTMiBO6E-diKBqMoTCENA_unNR1H-GHFSMtOzPiKuwa3ZwpCVSOLNhc2FbWOD0lXjzpzpL7GUM4VUfmqpPyrDxTUYBB_1xqtBdThE4ewSdIUUJcyJP8D7X5mFl2gSv1NdqoxEmOV1G8mV1wIoc6DMF_dXPs6uKc5bx6f6pUcqt9DhuZZKbdzj_q-LgYXwS-td_a0b96BgUHbzFCOpgTqWa-b3qGAq8f3AGVPMDrhiD8tvhzwbTu7p2vbsJm766qm30dbFQgp96-6x8IM9jebykkScU8Xgp7_VFnB5Swd9FVnafm-V_EoR7H1eRBQiJJBBW3dIjNIMrTVRX5YH574Wja1fWCBb56wpgBHxhETwrZMZDExcA-EF4NFSbpxso1nsNT7qStZJRQ7E-2kBUSP8Mi-eHZ392s0qW6KVG-EX7R9YGdG0-3wgKkKr42KW29WeF2QqUWINn6dwhcBJ5d9lZAkqCap_22_tFI4MUafbqghj-dr0Z3eoEnB3RDPOfMLxmYq44zmnuFuqOmFG0OyeC0XTLkj28S_t1_4Afqf0A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 101B 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGOjnkt0BMAE&v=APEucNWV_gboMcVn5sIIPCzEaNHT2fyw_kucgTLIQ8ELHTo8xwxoXlibJ9_sfvOXEDfjQ1mrRjO9_nwWfXXiENl0xlu1fGf5XQ
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230105/r20110914/ Frame 1965 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230105/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
5fdfa675e706c6b0fa53e8e435c63e392d53f3f1bf929f2da8c7fa483a5bcca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 06:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
80980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8883
x-xss-protection
0
server
cafe
etag
14413834787433817316
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 06:51:39 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230105/r20110914/elements/html/ Frame 1965 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230105/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 06:38:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
81757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 06:38:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1965 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNU1ku73DwP7BqvqRl7kcSFx-56R7jfgcMnUw81bWHywU-tdtmtuu_i57PGXq7YSO3m5At71IjWH1WwauSKrp0YSKSH7KkyEAW_lO_mEjA_-RQyM_IAbl01HNfRE70VbWillpYxWUw3N2yqFRRz-JU32tLG9RHYxNdstqNkX2NfbOxVyv2hQnsiyNlOChwPNVanNIv42qR21j8qf2zF02bqrZmIdr7F4k7Z0yLcPTXMJwLQyZbcBM03mm3hkjl03DVBAeSSlnW-iTlbQm8pVgCtvz3g0Td4IP1MLRAbUmZ0XfkRtf3gxOxX_o_7DOQfKh3ZJ32bThJxhRzridOT_e41s38fUVC3sIE2_6bXLaekDEltb0P0jkaTiYIt-Lv8jxp2Df8TtZ7-xbXeGWaQ0VLWLg1MUMdfixSr0a8PbIshdEae_ufSysKqIhWBKPI02Cp-5EAWTBFAdNt7uquzP7OYZ4TVn9PZHJ9JnG0g89p61GTEFnTmipatSNDBfy8zn7g1r-RQL238uNRfueezQ5fGshn30cyrXXkbodXPm5zeC-k_8j5GaMssTMxM1ZRIbPhuHmZw44ng5ZuGW1PB-UP18X7dbMVQ9DuItrI-Q_RwPpZ_LSH1lW7_d1kYOcQazR7-ucj2wBS2ytaEXy-KROywa3QLkUWF0dJYHM4BxS_JFAddCJluG_PQcu9hBMr4uu1fQFUMUmA5m9Gb51M3khggCBRLbw0ECXbPMs5BFv_8YLtkeqTApSpvK1g0WE_pJCazf_2Gi5VJIbeoa0BTNvysx7_PYXx5XkUCAjjhDCpWt0KYN4wwdX47lWCGDvHyyWiOLKF-ktuh7hdL-fFt6mZG69H-PzCxeW_DnsuwcEkXGcmu48YQr_6oW0niQ2zQASyl_x293hnkv-UFLkU6TRh1QU0o4n629_j_NgON9e1oRwPxRqZMuUFe2Z98Nm5oFSTDxdU3Z_wxtwWMnjyUZHXRmpBIlakQr4MjV3rXQUXM1s2C6_kru3c4gLdNbOt5A6Kbd9EJxUwA7Qwfv7ucxaawEYWBBzuXxINHQiwWXiPSIaXaHzhkYJScnTbhcZc5X1N0eHQCZgHM6F-dxzLbEAbdGINBs3FTs3l8_gK_sj_vYomv-8REH1Tc4y9to3sWVknqzjQgBOlADVikdtWDNt2fpH62O_PB98N87vfEmT-NIhE9TvkQ2hoPUBmPdo6IA&sai=AMfl-YSb-xxI6hGkxFSQabeUYj4WLxHOE0TK85PbCjvxhhkHJ3fdwO3hln-IL957NK-hsbSD0EbsI2gpxfYgCF4F1Z0D6HK7mTEB_N_bhCEdxJ7nYAJpEzABkRh__ky0w3YXLwnYYEU23fQeTlj-vA3vxrpW8Xc-6M2dl6scFukL7o0S8d6R3BQgRy7TKeW5aHhRNNQcNkLrY4agY6RdDUr51JZ4oIJX1qZXjpYRWGV-qEfVsT-E8nB2WanY2IXahRNEqPmzRmuPX86XX90UBIIRlliAJ3ve_Jd7uHydfi273EsnLNPiKp5VUa5xH0NKni5t27RqS1wbVO_0O3KGSueS3F-zCBWu28_or1X1e33pFdQpaP_E5JC0v38d07eK79fa3-zjEFy9vXrNweFnPq9MgA&sig=Cg0ArKJSzOZw_KLzWIfpEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230105.40885&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Jan 2023 05:21:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 10 Jan 2023 05:21:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1965 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jan 2024 06:27:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1965 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AekP_uyrT9CIh5e6TSs1ghuwV6jWpl5pKe8cbTRuX8-fYlmhNwH072dJ1TFIpO64kqHNfcL9S5OuOrC-JqUzlukOprh9luYn0hpbZ_l_9Chbv2_Js
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/ Frame 1965 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/window_focus_fy2021.js
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 04:10:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
4241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 04:10:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/ Frame 1965 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
70ba18c84e9500ed61e0efee2f7ce91f412b1de08876b1089f15a14ce6de0a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 01:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
14068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7530
x-xss-protection
0
server
cafe
etag
12683013478013699439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 01:26:51 GMT
l
www.google.com/ads/measurement/ Frame 1965 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaREmnYRJUem_Jua3J3JWSryI6cvdT3ODo-y1beNcqB0jCxUw4QDA_MaKORyRyqx1rYlfLvtBIj00j76GjagNRj6xThRqA
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1965 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48956
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673267917225388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:20 GMT
5715999811342738936
s0.2mdn.net/simgad/ Frame 1965 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5715999811342738936
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
4e7d4adec5b04fefffd60cbb624bed909385fb1f606ab0e86916168ad27091c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38680
x-xss-protection
0
last-modified
Thu, 22 Dec 2022 23:06:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 05:21:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E7F6 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGLX9jt0BMAE&v=APEucNUEXf2tcqGBG3ZF0PhNTm2LhdVlfXrm3pDmaRuNfNFNKVEcDSGcaSl66DBtQomLJOZJ1mXXTxwM53JROFaUMbBbVy1KzA
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230105/r20110914/ Frame 395D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230105/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
5fdfa675e706c6b0fa53e8e435c63e392d53f3f1bf929f2da8c7fa483a5bcca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 06:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
80981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8883
x-xss-protection
0
server
cafe
etag
14413834787433817316
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 06:51:39 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230105/r20110914/elements/html/ Frame 395D 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230105/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 06:38:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
81758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 06:38:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 395D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPcF63OGtf9jJa9Ye9n7AvAsnIOQhX3Ur_eti_z6BEdNwPt4crKkOmuDWHrhrXqDxgbs_ZY6c_-B2Ie_HoyNQP-yKvFYchfOPyp66lCkipFiZjuHnddnDgjgqJ4croC9AYf4htmE7tePTHXRJYwpf6HntT3-dE67yHNM5aKPC2Hoc35CQtS8aQLr7jUl1vLVCrkj_YcLGRVL2JbPg-KW97k1Aiwqsv9nkXVFbV0sxJaLW4x9ZKMxBpM5G-BisXYCWvLwvsxLwilmWuTS7M2jH0ZwyXk-YC2qb0uJRTg4EPML6Vsf1mjlxTykz2bWHTAX0baMi9dVIiTMf6EZOn0az06ByKXpSP67X8KMsQ_HRJxMsTxksL2uN6QnMumHy7A9sWDkmU9AZqVG1jXg3aBMP9RPgVSFXsp1C-oim0295UGAsL8MuPqNdXSR6Q18h5hk34AFv89gHVD4u5wr2ZKFgtj6vSCGSP7tIN4i4JJbBK74goF3GunXvvnW979S2inCgEic3fQpVO7Joh9N9zmlqkeK_oYOO7tkGggLhMcrQ6WrYS7XyqYovMYzKfCHDe5Raqi9_YsZokNqT84FrIN7NzNGK-kbqz65p8QJ3veoyqun8-7mPnFR11Box7OvMXdkzba9TIzSckTF3uNTcZLMG5YvqgnM-964bia0lVJL4Ns3rDWbVol3Z4dizhlkBYgIdy6aAful84MsZb0lAhDO0jeDW4xtn4DYhOvFvghpiCU6wpxZaY-6Tzv9gvLLzGPdbVKE5enLKqUqJKIJ2GOcPr5yHeOtSldA14TokXoVB102tdT2wamPP082QagjrWvX0vvaBVkahVHV1DE-_DKjKsjfakLvGIG-yLlqVhdBEJ4M7sB73bHWp5FnJNNC20OBUwQlUygDTsMMgIB4JlCItjnPHQzOIWDVvHdok1g4O9ptt92tLCsvTh70l8EU8877o14LDO-CIKIrDHIOzeX30Y4SsHMdiQVpPHWE1jR6_XS4dVzl400dckRAX10Oa0ddUkL9OjTUUII7DwGsHag2ynZYcpOBhY1-JuQlxaEM4tswJSgIgRNkTxeHYJLiTPrQFTWuJX1QnFQztXRYy1crHT_MY0oEriZPKwMXmuL4_t4v_qRWn7YKvDQaauNcPK0gz_z0Y4dd7gAzfRB52ilAzx4nnjUDfQY8nSEX8m1wcUOCQGIC5yo_RlzNSWC4BnaGqCiA&sai=AMfl-YRTUNxwjk3c3SkSRKBMTlsxk-pXudWOkDDoQqE5_tOrB5B6ccTi4nf4VBwI1NDl5pxaeCV4zRBs-lTMY6md5p918gDmtYX0AsPij3qmi2826NacyiJslp0uiDO6YXjhlFM8yRa9zB0yKhYAnYObLc_Q_T9xYB9XQ7mFZ6YYIIK6SDGgDLPBWtR9eSqK0ViSn93F37rblBYuZRjo-1VEmgGyJamVQ6TFYr2Xi-mbA3Wb4mdH3HaD7S2jFRKCCbiOHHEd61OWB5nrqYcZH0xPuL7zya2YQ05YJwHNcACnQzmAQ-n6mUbTbJnMTvt5oOsIMjcFysx3RqzHoExAihnRqMXhwXfYkwy6XQwghqML7Ku0xvu__bq3kepdLSKL7UuEvrKByOioao7UioCUsjpeAQ&sig=Cg0ArKJSzHcmjWrPSDKBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230105.58563&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Jan 2023 05:21:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 10 Jan 2023 05:21:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 395D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jan 2024 06:27:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 395D 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANYCCjk0-MOiKRO1xxdQDJfQPPTc4_Tf6-AsOQUczVvVVbQoPBJbzbNssD_JmPhC9YmmAgQxonqXJ6d_YCJOk0p7ejvSPkigwiPtUFAwzXXUJIaAc
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/ Frame 395D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/window_focus_fy2021.js
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 04:10:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
4241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 04:10:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/ Frame 395D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
70ba18c84e9500ed61e0efee2f7ce91f412b1de08876b1089f15a14ce6de0a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 01:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
14069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7530
x-xss-protection
0
server
cafe
etag
12683013478013699439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 01:26:51 GMT
l
www.google.com/ads/measurement/ Frame 395D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdsXfNAo1vJRLIU-0076I8yz3EWSIyf7ZiJNLDBWRuVvDxwUZ1OW_kB-luXZHFONTFKLqFWyrTc_BRabQuYAIR9LJAXQ
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 395D 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48956
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673267917225388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:20 GMT
12719435059111291212
s0.2mdn.net/simgad/ Frame 395D 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12719435059111291212
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
9caf40ce37162d6fef424641c662dad6db99cec79a8641e3a7ef5f849dab37ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34322
x-xss-protection
0
last-modified
Thu, 22 Dec 2022 23:06:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 05:21:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1897 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJfR7zvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSoAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI947v3nQx3oSQsCCrRcwxjDUGG6_6u0Q42RQXNFBM6bOPmxw0x2FB4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=4JqMf4x4vZQ&uach_m=[UACH]&cid=CAQSOwDq26N9r48U8VKKwHv7Fau3zESMa3lwt6QiY9XOXLG7qgsElIAXTltupLv41JA-1KKhTMZABdvauCJjGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 1897 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMCCDfn1BnjYBGL4LRICAAAA-ONZtFtuTcMQzfW8Y3ePzAYPx-Mv9EESABIAAA&wp=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
184405
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 084B 		115 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
82aab6a9e4643d19aa6a8bed850bd8c349bff79975ba20df691335d9adaf2ca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:20 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=xEHYNEH5JVVIgAMzssqO_vgb89We3NIoCv35VZnc2sX1iUL9z1A2NhwCmGxJl6m588oQK56maSJnJJcPqCzelRiff4Es9TIB_kVl0IPu8Q3n-4y9PShCYh3wquSAcHXV5rzHKjPPw758-2bSLBKBASDqP6iz0bTzvfVxNMge-baPt-6YAsOfJ6Dt7DcCaT2n9bvBLXjnDgDfJ5Yyoe8uP-Fl5-RBi8X9r0XnlxaENUjf-pD_J0B80dl6rvmvODT0nQisrkPPQEGTcIPI"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60014152
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/ Frame 1897 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/window_focus_fy2021.js
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 04:10:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
4241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 04:10:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AB53 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
4145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 04:12:15 GMT
etag
48472445140208031
expires
Wed, 11 Jan 2023 04:12:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/ Frame 1897 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230105/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
70ba18c84e9500ed61e0efee2f7ce91f412b1de08876b1089f15a14ce6de0a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 01:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
14069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7530
x-xss-protection
0
server
cafe
etag
12683013478013699439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 01:26:51 GMT
l
www.google.com/ads/measurement/ Frame 1897 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKrrbc762ljyqZjuSLGoUgfR1WrJ-0LN88ia6yP2n0eUgZi7SF_u7vBsc0_ydfuwcQVK8dArxXmvBpu8slR0saE1OX5Q
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1897 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 02:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
269908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 07 Jan 2024 02:22:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1897 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48956
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673267917225388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 05:21:20 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Jan 2023 05:21:20 GMT
rum
dsum-sec.casalemedia.com/ Frame 101B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGOjnkt0BMAE&v=APEucNWV_gboMcVn5sIIPCzEaNHT2fyw_kucgTLIQ8ELHTo8xwxoXlibJ9_sfvOXEDfjQ1mrRjO9_nwWfXXiENl0xlu1fGf5XQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 101B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7z10UgLkrKl6xqW6E2ZYwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGOjnkt0BMAE&v=APEucNWV_gboMcVn5sIIPCzEaNHT2fyw_kucgTLIQ8ELHTo8xwxoXlibJ9_sfvOXEDfjQ1mrRjO9_nwWfXXiENl0xlu1fGf5XQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 101B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOrJNHWI_6RxdDQcUenxpzA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOrJNHWI_6RxdDQcUenxpzA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGOjnkt0BMAE&v=APEucNWV_gboMcVn5sIIPCzEaNHT2fyw_kucgTLIQ8ELHTo8xwxoXlibJ9_sfvOXEDfjQ1mrRjO9_nwWfXXiENl0xlu1fGf5XQ
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:21 GMT
AN-X-Request-Uuid
167e1aae-d54b-45d0-bc34-5aa1ae55fc24
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOrJNHWI_6RxdDQcUenxpzA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 101B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NjEwMjQ2MjkxNDE4MzEz
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NjEwMjQ2MjkxNDE4MzEz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGOjnkt0BMAE&v=APEucNWV_gboMcVn5sIIPCzEaNHT2fyw_kucgTLIQ8ELHTo8xwxoXlibJ9_sfvOXEDfjQ1mrRjO9_nwWfXXiENl0xlu1fGf5XQ
Protocol
H2
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 10 Jan 2023 05:21:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
458a6de1-4b72-415a-80ad-591b20c9de18
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NjEwMjQ2MjkxNDE4MzEz
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 05C4 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
4145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 04:12:15 GMT
etag
48472445140208031
expires
Wed, 11 Jan 2023 04:12:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame E7F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGLX9jt0BMAE&v=APEucNUEXf2tcqGBG3ZF0PhNTm2LhdVlfXrm3pDmaRuNfNFNKVEcDSGcaSl66DBtQomLJOZJ1mXXTxwM53JROFaUMbBbVy1KzA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame E7F6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7z10WJela2u2biSFR380AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGLX9jt0BMAE&v=APEucNUEXf2tcqGBG3ZF0PhNTm2LhdVlfXrm3pDmaRuNfNFNKVEcDSGcaSl66DBtQomLJOZJ1mXXTxwM53JROFaUMbBbVy1KzA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E7F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOrJNHWI_6RxdDQcUenxpzA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOrJNHWI_6RxdDQcUenxpzA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGLX9jt0BMAE&v=APEucNUEXf2tcqGBG3ZF0PhNTm2LhdVlfXrm3pDmaRuNfNFNKVEcDSGcaSl66DBtQomLJOZJ1mXXTxwM53JROFaUMbBbVy1KzA
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:21 GMT
AN-X-Request-Uuid
0ab4d016-174d-45e5-94ad-70e8ac530edf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOrJNHWI_6RxdDQcUenxpzA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7F6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NjEwMjQ2MjkxNDE4MzEz
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NjEwMjQ2MjkxNDE4MzEz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhC_r-ECGLX9jt0BMAE&v=APEucNUEXf2tcqGBG3ZF0PhNTm2LhdVlfXrm3pDmaRuNfNFNKVEcDSGcaSl66DBtQomLJOZJ1mXXTxwM53JROFaUMbBbVy1KzA
Protocol
H2
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 10 Jan 2023 05:21:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
feca141b-4627-4f9f-9825-2f9d72e1d276
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0NjEwMjQ2MjkxNDE4MzEz
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A35F 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
4145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 04:12:15 GMT
etag
48472445140208031
expires
Wed, 11 Jan 2023 04:12:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1965 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf310ffed11a0122e559b5d9cb414fd53ccdb6549430e352e8f6a497fff1352d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame AB53
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfV...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMV...
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7872f7f91d651c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
3087
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfVQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NfofOGjdR2UuBm8Zl367m37wG4jodGo5IgeHMAmHuhLms0mYWPXmvBrBV4JAPfgC90Y31wxaj_5_Dx1oKfOHVauymvRMVfVQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7872f7f76c081c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB53
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGNZSAiY55cDdVaIm4jFvXA&google_cver=1&google_push=AavPq0OIT_WxQEogFpRmSqqdzUsRBRboFatu9D5hnXacS0_INpWBDC8S7SU_cgj8cakO1Um1xPevokZoFuCkp_7knRclF1mwnFJL
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B09099880924638AF3864DE4963A102&google_push=AavPq0OIT_WxQEogFpRmSqqdzUsRBRboFatu9D5hnXacS0_INpWBDC8S7SU_cgj8cakO1Um1xPevokZoFuCkp_7...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B09099880924638AF3864DE4963A102&google_push=AavPq0OIT_WxQEogFpRmSqqdzUsRBRboFatu9D5hnXacS0_INpWBDC8S7SU_cgj8cakO1Um1xPevokZoFuCkp_7knRclF1mwnFJL
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B09099880924638AF3864DE4963A102&google_push=AavPq0OIT_WxQEogFpRmSqqdzUsRBRboFatu9D5hnXacS0_INpWBDC8S7SU_cgj8cakO1Um1xPevokZoFuCkp_7knRclF1mwnFJL
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 09 Jan 2023 05:21:21 GMT
pixel
cm.g.doubleclick.net/ Frame AB53
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECME8n6qbbX47c-jqbz8Cs0&google_cver=1&google_push=AavPq0Oi8od4cBXbWOw1MHpEi1iPrkvX-ndHRa4XjytqOA3KoQV2Kxcx5IzUD1bhiwBdIhypq6G106E...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0Oi8od4cBXbWOw1MHpEi1iPrkvX-ndHRa4XjytqOA3KoQV2Kxcx5IzUD1bhiwBdIhypq6G106Er7yEhePnCIu72D1bXxnrUNQ&google_hm=gwmQsLsNSW-5Gjz...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0Oi8od4cBXbWOw1MHpEi1iPrkvX-ndHRa4XjytqOA3KoQV2Kxcx5IzUD1bhiwBdIhypq6G106Er7yEhePnCIu72D1bXxnrUNQ&google_hm=gwmQsLsNSW-5Gjzqd7A_4tY
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0Oi8od4cBXbWOw1MHpEi1iPrkvX-ndHRa4XjytqOA3KoQV2Kxcx5IzUD1bhiwBdIhypq6G106Er7yEhePnCIu72D1bXxnrUNQ&google_hm=gwmQsLsNSW-5Gjzqd7A_4tY
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB53
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESECENO11UQcsaIqX3ZBE_E2k&google_cver=1&google_push=AavPq0O8VcMADnkweNrm0_Kl4L8e6ioMwLbtdgJhL1tEkFqIXqH_YVzfQdL2jzoZzYrmwxBg1z2VTYjSgtO6Jo58qsI0T2RD...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0O8VcMADnkweNrm0_Kl4L8e6ioMwLbtdgJhL1tEkFqIXqH_YVzfQdL2jzoZzYrmwxBg1z2VTYjSgtO6Jo58qsI0T2RDMhyE6Q
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0O8VcMADnkweNrm0_Kl4L8e6ioMwLbtdgJhL1tEkFqIXqH_YVzfQdL2jzoZzYrmwxBg1z2VTYjSgtO6Jo58qsI0T2RDMhyE6Q
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0O8VcMADnkweNrm0_Kl4L8e6ioMwLbtdgJhL1tEkFqIXqH_YVzfQdL2jzoZzYrmwxBg1z2VTYjSgtO6Jo58qsI0T2RDMhyE6Q
Date
Tue, 10 Jan 2023 05:21:21 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame AB53 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBrGH1VH2AJBd-tRg4vkrs4&google_cver=1&google_push=AavPq0MygZr1jzCYImOlgCuGNcFZk7XmNWAmzAqw2OtO8BypmIybe6HrzRGGpajyzTJqyoRIyFcO5d9diDepDtSGXCtB4LxawjHULw
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame AB53
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFdgsZdBIxa1AANG3CRGgYY&google_cver=1&google_push=AavPq0Na8WOupgNuTE714LKMxuHNpm1EoqzUStYLvC39Rh6R1PyooV7wuXRqDmNOihbXcjJLVGelpwErNbRwG...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFdgsZdBIxa1AANG3CRGgYY&google_push=AavPq0Na8WOupgNuTE714LKMxuHNpm1EoqzUStYLvC39Rh6R1PyooV7wuXRqDmNOihbXcjJLVGelpwErNbRwG...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Na8WOupgNuTE714LKMxuHNpm1EoqzUStYLvC39Rh6R1PyooV7wuXRqDmNOihbXcjJLVGelpwErNbRwGFi8dJorZCEDMyPr&google_hm=bFhoU29qOUZIUmg2WUhT...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Na8WOupgNuTE714LKMxuHNpm1EoqzUStYLvC39Rh6R1PyooV7wuXRqDmNOihbXcjJLVGelpwErNbRwGFi8dJorZCEDMyPr&google_hm=bFhoU29qOUZIUmg2WUhTQllwUjc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Na8WOupgNuTE714LKMxuHNpm1EoqzUStYLvC39Rh6R1PyooV7wuXRqDmNOihbXcjJLVGelpwErNbRwGFi8dJorZCEDMyPr&google_hm=bFhoU29qOUZIUmg2WUhTQllwUjc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB53
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDXMjoDVZf9lME-VrBOkIgU&google_cver=1&google_push=AavPq0Pkxt1qcEEqezCQ2C8BJGPymZOaPf_hPbTr2b2t2ggB62KDzmAS8UNiE1FSV9KXXOpeJRzih39yVaE0f29...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=VkmeciLcRB5ygdNgzTW4TXRaStY&google_push=AavPq0Pkxt1qcEEqezCQ2C8BJGPymZOaPf_hPbTr2b2t2ggB62KDzmAS8UNiE1FSV9KXXOpeJRzih39yVaE0f2...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=VkmeciLcRB5ygdNgzTW4TXRaStY&google_push=AavPq0Pkxt1qcEEqezCQ2C8BJGPymZOaPf_hPbTr2b2t2ggB62KDzmAS8UNiE1FSV9KXXOpeJRzih39yVaE0f29eWSSL8crjc7n4
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=VkmeciLcRB5ygdNgzTW4TXRaStY&google_push=AavPq0Pkxt1qcEEqezCQ2C8BJGPymZOaPf_hPbTr2b2t2ggB62KDzmAS8UNiE1FSV9KXXOpeJRzih39yVaE0f29eWSSL8crjc7n4
Date
Tue, 10 Jan 2023 05:21:21 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame AB53 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-mGPgQ7E9g5brnxPCmz6uXjzQJsBPMxzW4r1omrZj72SA5cNof6aucOjc-NrNVvskAsxr
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 395D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4583b79ec94fdbbf33399ccebf9756b081d529ee51b9910d00e973c26f090574

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1897 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a32511878b2514c01a5f2d703fdfadef5791699ec540914c2b4e467cb891bd1e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7EA1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
215778
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Jan 2023 17:25:02 GMT
expires
Sun, 07 Jan 2024 17:25:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7EDC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
215778
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Jan 2023 17:25:02 GMT
expires
Sun, 07 Jan 2024 17:25:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 05C4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1&google_push=AavPq0OmVXlAHVIUYjlNHHecTU1ki1u_iHIcYbk9HROdM0FsB7mWcrRWHJBc20-kgaChSyj4NbAAS5OY7aurWFs3GlpA_zj5nlGv
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI2MjI4NjAzNzI0ODcwMzMyOA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 05C4 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHegMOC62tCih8ZXIRRgjkI&google_cver=1&google_push=AavPq0MdAM0MdOIqcsAINXbgT4ZNJitsDES886OqxLtDr40NxjSpEkYb9KkDMI6uqZc8oaJNp9nnKt6WXyR677fd2DseS7mZ6itu
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 05C4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM...
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7872f7f95d9a1c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
177
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0P-mTbE7TR-sIbNPQdtmG_FClsxb8IKFhjO-OeamCsV6ZGlnlwabwMKPAUIIW9bNTvav5QCT-FEIXoDUwUpSxSeQOTX7aM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7872f7f78c241c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05C4
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESECENO11UQcsaIqX3ZBE_E2k&google_cver=1&google_push=AavPq0NbBpVMUzp5H3WTO7okDhzwkruRgJU9r5qJIBJp2NmCcJUFbmhSlTYfw2nMGmUBzxa_uNFuGiyUQKPrMjTkw43dBken...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NbBpVMUzp5H3WTO7okDhzwkruRgJU9r5qJIBJp2NmCcJUFbmhSlTYfw2nMGmUBzxa_uNFuGiyUQKPrMjTkw43dBkenu9f_
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NbBpVMUzp5H3WTO7okDhzwkruRgJU9r5qJIBJp2NmCcJUFbmhSlTYfw2nMGmUBzxa_uNFuGiyUQKPrMjTkw43dBkenu9f_
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NbBpVMUzp5H3WTO7okDhzwkruRgJU9r5qJIBJp2NmCcJUFbmhSlTYfw2nMGmUBzxa_uNFuGiyUQKPrMjTkw43dBkenu9f_
Date
Tue, 10 Jan 2023 05:21:21 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 05C4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELiYBmlZMG26mnxN1IAE-cc&google_cver=1&google_push=AavPq0M0BMMnpvXYAeBMwalHxCCVZsgprW5py-0cItV1LmHTVrM_3Z5zVTOnwMj6lIhdSViyYn7FCWAxe-ILp8600GMa8I2...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M0BMMnpvXYAeBMwalHxCCVZsgprW5py-0cItV1LmHTVrM_3Z5zVTOnwMj6lIhdSViyYn7FCWAxe-ILp8600GMa8I2Msel4&google_hm=eS1nd3RVYlY5RTJwRUR3MH...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M0BMMnpvXYAeBMwalHxCCVZsgprW5py-0cItV1LmHTVrM_3Z5zVTOnwMj6lIhdSViyYn7FCWAxe-ILp8600GMa8I2Msel4&google_hm=eS1nd3RVYlY5RTJwRUR3MHpGNkpralJZRGdJN213UG9PaH5B
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M0BMMnpvXYAeBMwalHxCCVZsgprW5py-0cItV1LmHTVrM_3Z5zVTOnwMj6lIhdSViyYn7FCWAxe-ILp8600GMa8I2Msel4&google_hm=eS1nd3RVYlY5RTJwRUR3MHpGNkpralJZRGdJN213UG9PaH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 05C4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDXMjoDVZf9lME-VrBOkIgU&google_cver=1&google_push=AavPq0MMZ-YNzo3JjdojQGDl2R3WHgCLt7s9XelR9p4oFaLFE3e0VfwgRmW-LxFFkKpQJInJmvnJ626GS5f2l44...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qZAHddiFQoB85SIfHW4SynRaStY&google_push=AavPq0MMZ-YNzo3JjdojQGDl2R3WHgCLt7s9XelR9p4oFaLFE3e0VfwgRmW-LxFFkKpQJInJmvnJ626GS5f2l4...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qZAHddiFQoB85SIfHW4SynRaStY&google_push=AavPq0MMZ-YNzo3JjdojQGDl2R3WHgCLt7s9XelR9p4oFaLFE3e0VfwgRmW-LxFFkKpQJInJmvnJ626GS5f2l44Me61_hi2IMX_c
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=qZAHddiFQoB85SIfHW4SynRaStY&google_push=AavPq0MMZ-YNzo3JjdojQGDl2R3WHgCLt7s9XelR9p4oFaLFE3e0VfwgRmW-LxFFkKpQJInJmvnJ626GS5f2l44Me61_hi2IMX_c
Date
Tue, 10 Jan 2023 05:21:21 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 05C4
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEA9UgC_-dx9GebwG_3ZWHS4&google_cver=1&google_push=AavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCDhmSI5xYd6Q_vOnqNOJz0fzyZMeYZ...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEA9UgC_-dx9GebwG_3ZWHS4%26google_cver%3D1%26google_push%3DAavPq0OoH1wWAGD6yQchki...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A7342227780433450611&exchange=193&google_gid=CAESEA9UgC_-dx9GebwG_3ZWHS4&google_cver=1&google_push=AavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCD...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTczNDIyMjc3ODA0MzM0NTA2MTE&google_push=AavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCDhmSI5xYd6Q_vOnqNOJz0fzyZMeY...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTczNDIyMjc3ODA0MzM0NTA2MTE&google_push=AavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCDhmSI5xYd6Q_vOnqNOJz0fzyZMeYZk4caQtLeZt2HN0ZDSHhlTA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTczNDIyMjc3ODA0MzM0NTA2MTE&google_push=AavPq0OoH1wWAGD6yQchki6h601ubLl8n-5IVBkfnKTouNPWqyCDhmSI5xYd6Q_vOnqNOJz0fzyZMeYZk4caQtLeZt2HN0ZDSHhlTA
Date
Tue, 10 Jan 2023 05:21:22 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 05C4 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IyD9HeQfCXm6f08OQERcNc5uRxx_Bu89GOhbJNqV6fOovN0PgY2ZRjDAG7niETDQG6ShCvew
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A35F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1&google_push=AavPq0MDiWmDEOEnHRTdM0ePYjDonh1gSTWh_XQpLhstm92vsrnFV2yAOYtzaZXvlRz-VV8fKPgUIN3ob4ZXccjrobv684dId8izq...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkyODQxNzAxNjY1MjAzNjk2MA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE4rvRWNf92rRNnNi7lUris&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame A35F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42G...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL4...
43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42GF7xKCda_BGW94r8y1AfUwzQ28Gl8AbTN6EjEBMUsWCffKr-MOAcHjc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42GF7xKCda_BGW94r8y1AfUwzQ28Gl8AbTN6EjEBMUsWCffKr-MOAcHjc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7872f7f99dd71c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1677
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHGg2u9U6ckTHVdShhzj_Jk&google_cver=1&google_push=AavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42GF7xKCda_BGW94r8y1AfUwzQ28Gl8AbTN6EjEBMUsWCffKr-MOAcHjc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NbLwLa2jYSgJpg0CDhis-oMlvuotYYzCFillbz9YufJFqdXTvNcXate8npKebKJ34wrPAH1016DKn9wITs_PeGsBBLSL42GF7xKCda_BGW94r8y1AfUwzQ28Gl8AbTN6EjEBMUsWCffKr-MOAcHjc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7872f7f7bc501c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A35F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGNZSAiY55cDdVaIm4jFvXA&google_cver=1&google_push=AavPq0P1z9qKhm3rW3sX1HhhZb3holnTdqEH7ZeEdxHwl8DL-02UyUBw0rZizfCJKW5ylAhjlSCMdIOXIFi0ng_oW99bLxEG2FGDFc...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50FCB8F1664C408CB1D2D56BADC2C391&google_push=AavPq0P1z9qKhm3rW3sX1HhhZb3holnTdqEH7ZeEdxHwl8DL-02UyUBw0rZizfCJKW5ylAhjlSCMdIOXIFi0ng_...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50FCB8F1664C408CB1D2D56BADC2C391&google_push=AavPq0P1z9qKhm3rW3sX1HhhZb3holnTdqEH7ZeEdxHwl8DL-02UyUBw0rZizfCJKW5ylAhjlSCMdIOXIFi0ng_oW99bLxEG2FGDFcTq3aUergTG_sHBtQyaLtCDSzWFmrHBW-QrxpDm4aFpPMmum8SZpuw
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50FCB8F1664C408CB1D2D56BADC2C391&google_push=AavPq0P1z9qKhm3rW3sX1HhhZb3holnTdqEH7ZeEdxHwl8DL-02UyUBw0rZizfCJKW5ylAhjlSCMdIOXIFi0ng_oW99bLxEG2FGDFcTq3aUergTG_sHBtQyaLtCDSzWFmrHBW-QrxpDm4aFpPMmum8SZpuw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 09 Jan 2023 05:21:21 GMT
pixel
cm.g.doubleclick.net/ Frame A35F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESECCNJmll91nfkSfZWHh7wYU&google_cver=1&google_push=AavPq0NaKxR0O0iWpjoeWWc28LcaHKqcvYJoj7bFbpnpzNK0Nrq-r2BIVUwONtHLezKnq7HwOjGELv6OpOunQRtmdx...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESECCNJmll91nfkSfZWHh7wYU&google_cver=1&google_push=AavPq0NaKxR0O0iWpjoeWWc28LcaHKqcvYJoj7bFbpnpzNK0Nrq-r2BIVUwONtHLezKnq7HwOjGELv6OpOunQRtmdx...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YjEzMTc5YWEtYmRhNS00MTc0LTk5M2ItZTM1OTA4ZTQ0ZDdk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=b13179aa-bda5-4174-993b-e35908e44d7d
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YjEzMTc5YWEtYmRhNS00MTc0LTk5M2ItZTM1OTA4ZTQ0ZDdk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=b13179aa-bda5-4174-993b-e35908e44d7d
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YjEzMTc5YWEtYmRhNS00MTc0LTk5M2ItZTM1OTA4ZTQ0ZDdk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=b13179aa-bda5-4174-993b-e35908e44d7d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame A35F
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECME8n6qbbX47c-jqbz8Cs0&google_cver=1&google_push=AavPq0N7kcqFtX1mBymZaObwlDmny_oS8oQMeCVVbdnZDjLBdlWFaMIpmRUQr3xKwUs6FAV8TYbV6_b...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0N7kcqFtX1mBymZaObwlDmny_oS8oQMeCVVbdnZDjLBdlWFaMIpmRUQr3xKwUs6FAV8TYbV6_bvtm7YwKbG2od2Z0G3dUC7vxV-9mXZjXuz6D-4dcvzJhF4C5F6...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0N7kcqFtX1mBymZaObwlDmny_oS8oQMeCVVbdnZDjLBdlWFaMIpmRUQr3xKwUs6FAV8TYbV6_bvtm7YwKbG2od2Z0G3dUC7vxV-9mXZjXuz6D-4dcvzJhF4C5F6brhdevQCDm-U9dLgiRiKhHCclO8&google_hm=83QpSJh0REuVdLzHWuYF29Y
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0N7kcqFtX1mBymZaObwlDmny_oS8oQMeCVVbdnZDjLBdlWFaMIpmRUQr3xKwUs6FAV8TYbV6_bvtm7YwKbG2od2Z0G3dUC7vxV-9mXZjXuz6D-4dcvzJhF4C5F6brhdevQCDm-U9dLgiRiKhHCclO8&google_hm=83QpSJh0REuVdLzHWuYF29Y
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A35F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELiYBmlZMG26mnxN1IAE-cc&google_cver=1&google_push=AavPq0Mv1WEExD87_BtRn3BWPZBFhAzcHONeQ9uuxglvJRqzuknpU6Izla3RnwG9d9CB1esoS0IR4ZcK4FN_WvDUOcaXU2O...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mv1WEExD87_BtRn3BWPZBFhAzcHONeQ9uuxglvJRqzuknpU6Izla3RnwG9d9CB1esoS0IR4ZcK4FN_WvDUOcaXU2OZgqXpa_V1Nab1iVpLems-xlTKk7W68u6VMTr8l...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mv1WEExD87_BtRn3BWPZBFhAzcHONeQ9uuxglvJRqzuknpU6Izla3RnwG9d9CB1esoS0IR4ZcK4FN_WvDUOcaXU2OZgqXpa_V1Nab1iVpLems-xlTKk7W68u6VMTr8lpsMhrIuBhoYZXWLZotZYAg&google_hm=eS1GbFlQN2xsRTJwR1JBZ2FHQ0NHME12NGF0amJUdFdTSX5B
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mv1WEExD87_BtRn3BWPZBFhAzcHONeQ9uuxglvJRqzuknpU6Izla3RnwG9d9CB1esoS0IR4ZcK4FN_WvDUOcaXU2OZgqXpa_V1Nab1iVpLems-xlTKk7W68u6VMTr8lpsMhrIuBhoYZXWLZotZYAg&google_hm=eS1GbFlQN2xsRTJwR1JBZ2FHQ0NHME12NGF0amJUdFdTSX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame A35F
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEA9UgC_-dx9GebwG_3ZWHS4&google_cver=1&google_push=AavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_DiDfu3hQqWAEGwv4MB5GYcY6aFatpD...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEA9UgC_-dx9GebwG_3ZWHS4%26google_cver%3D1%26google_push%3DAavPq0PfCe4IL3erAf_T7n...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A7895670797110204250&exchange=193&google_gid=CAESEA9UgC_-dx9GebwG_3ZWHS4&google_cver=1&google_push=AavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_Di...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc4OTU2NzA3OTcxMTAyMDQyNTA&google_push=AavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_DiDfu3hQqWAEGwv4MB5GYcY6aFatp...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc4OTU2NzA3OTcxMTAyMDQyNTA&google_push=AavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_DiDfu3hQqWAEGwv4MB5GYcY6aFatpDhXNFSVG6ysB-QCqWbl1qXfYDz9VbYM33u1It-wFzhNaPsXOBRVymxg8PfK_AOZOCaL-SOUZqw_Po
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc4OTU2NzA3OTcxMTAyMDQyNTA&google_push=AavPq0PfCe4IL3erAf_T7nyAuR8rRptI4QUeGr0fZqyy0Xe80_DiDfu3hQqWAEGwv4MB5GYcY6aFatpDhXNFSVG6ysB-QCqWbl1qXfYDz9VbYM33u1It-wFzhNaPsXOBRVymxg8PfK_AOZOCaL-SOUZqw_Po
Date
Tue, 10 Jan 2023 05:21:22 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame A35F 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTYY7hswHIlKySR2qgrFhBftJ4JTPPDiA3Bxz9AU8-DKeohZLBnRiu0jak6Zwg4N7Qxf2bEg
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 7EA1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 7EDC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:30:23 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 084B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 05:21:20 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 084B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 05:21:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 084B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 05 Jan 2024 05:21:20 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 084B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 05 Jan 2024 05:21:20 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 084B 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=hXmn4H-1LfqwuheEw9L6HC0Ic3PKKqbwthdpmEWAr3wgYYuinKV8yd8eEfq5yP4ltE0qfaAptpabtKxMAyO25n3g1hEAGYO5ZdqeEp1lUzgen2Oq35guLRP2iuMJOvpJRX8D0qgBU3vAR0BcKs23UW4xcg7d4xmhDXyZMyZvAj3KxCiWnzYJV-tqIP7XELLRK8PKN9MszQB7taDEuGXjukugs2j2hvQX65iuj_yNUhgCOHcGYTeN-aYJC78wHY-LMpcMiNixTmllQyc4cdGfMrZ1hX9X8jAzPVm7LcgmDOiV8ogWe9Bs6vF16QgoQ3RauNyrPj2Nr7xBxV6tzCDLNQosG_grhtKBAnY3EGFV7ZCMQf2ALg_1BaELKl6AIwMzWVEsyt6aMW_05e5OgGoq6UOOywY1C6Qtu7xvVE2RNEnAxSKtu9TKlJn4nTbOK233a5LfSQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2465379
expires
Mon, 26 Jul 1997 05:00:00 GMT
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 084B 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 05:21:21 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 084B 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 05:21:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 77F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230105&jk=581035714307704&bg=!r6ylrOjNAAYDMoyoIzI7ACkAdvg8WiwgFw3NSgob8mgx7iAXaW9xL5egJfEfpFeGRDwJVYPsIbbIMgIAAABsUgAAAANoAQeZAtGiQGypmQTaRN2BSZxHhmjjav0UCi4Lm0KIku-FlzreOts23g-3pljKEr6zvTBUIfWAG_-RuURvu7qH9hZPtan29UuwQe_Q4cVN1pb-hQi2ABrmlr4v6hIiNe8Hsi-E0ckP70XvgRzzjdbRFMCMN7556BBMBUC9MKwlEO3j6wUaY9FnxUWKbJPbFk2Nk3kggi9JVYy5GA0Fg8cP5vRMxZwWdZrA_C7YXcq-PUc6uhKfQvvVLBCm-2lNTRipYSPoc2h_EyldeYtXZbNF_AqXo8YXrPv5_VsmfhvrhOOBKNQXTBas3Uxy8fu3HOBhY0gGGtY3t-i1cEQyrhXwZfYd3oInMhMlm0QPkFLqGLXwoFLhDlD6vHxegVonmFyzK6nGvqpaeUpvHIqNSckUNFXzetIcAT2sdB52dMAAnOW4R6PX4RGH8KJAJPzRD3oIp8OQW-dpXMVzFdc8ovIdyGgc1unKvPrWia7NHuMYr-AcBkC8YmRmYj5ZEhXQW7o4_gn6PUMl4RoyQIxrFsXawZ_zkKM4NL-7HsG9q3hJqmxTYnvFLwq78jxgBtJgdJ-XpiWFlNYFE7rhDZtJaTMRUyBjnDQMB9m8Vx7cEJB6r7wNeT8MUC0O-t44vmUdENB01zSkT_8quF4alLNCu4vDX9Vdbx_35UysA-enq5nMIVxOH-Vz33hhGTqWxzeyMzlWZUSjalN3GoRO3J-noeKe5lWYoNAB4nrWevsE8BTDPtW-HQrS_6UfQ_gbYnt_1NBWmb_OPHHq4lod66IczhMBe6ZqJRU8eis-IEteQJbYrWiS1B9IDVUNlYkITcf6dOQRKtG9VsXZ3wSSEqQOl3DKVIo-UKyDUz92qRAJQERfcC3Mf33rgNa3HX8gt6sfxYObsEUrkh6-w0uwaDOwK_o7MfPkosFOJKxjDwOAkArFApSCRUDS5835lZ3G8FetcQv_ixxGqgq7
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
animejs.js
static.criteo.net/animejs/ Frame 084B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 05:21:21 GMT
img
pix.as.criteo.net/img/ Frame 084B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=70489&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F70489%2F200408%2F3c09cdfc5e5e455b8f2fd075602a8b8a_square.png&v=3&w=236&s=v5a5a-1Ho6-hAiLBwSvzQ4YQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
db49cd0a9525be37293bbec39406b757d336b4c995b121ab09494a39407721aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27038233
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13964
expires
Sun, 19 Nov 2023 03:58:35 GMT
img
pix.as.criteo.net/img/ Frame 084B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F4%2Fc%2F4cd7022171ec6d8c1c874941f81bdb7e.jpeg&v=3&w=400&s=BgTy6UitdFqtY9RgFcjS0kAp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
1b415b03535ebe46491f5d605d18752af8a7eebb2551c68db0f76170de2da702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27618298
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3338
expires
Sat, 25 Nov 2023 21:06:20 GMT
img
pix.as.criteo.net/img/ Frame 084B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F5%2F5%2F55de2612acfb8d3834e96737b9cc22c1.jpeg&v=3&w=400&s=m7oHpHVgXT9KxmWsqsejVgDF&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b096792c77646b1a6bc6d5f11eae35a00f4ea0f1d9dd6f9cd4db24079ebe1f9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30526786
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2648
expires
Fri, 29 Dec 2023 13:01:07 GMT
img
pix.as.criteo.net/img/ Frame 084B 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F2%2F2%2F22577_pregnancy_maternity_g-shape_pillow_-_blue.jpg&v=3&w=400&s=pB7xNvNSPJSgzuac4GwtNRcP&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a2d714c4977f10509b8d369363b61b7f7053ee3c4057c1291abe418f9a04c508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27114520
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18234
expires
Mon, 20 Nov 2023 01:10:02 GMT
all
csm.as.criteo.net/ Frame 084B 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=xEHYNEH5JVVIgAMzssqO_vgb89We3NIoCv35VZnc2sX1iUL9z1A2NhwCmGxJl6m588oQK56maSJnJJcPqCzelRiff4Es9TIB_kVl0IPu8Q3n-4y9PShCYh3wquSAcHXV5rzHKjPPw758-2bSLBKBASDqP6iz0bTzvfVxNMge-baPt-6YAsOfJ6Dt7DcCaT2n9bvBLXjnDgDfJ5Yyoe8uP-Fl5-RBi8X9r0XnlxaENUjf-pD_J0B80dl6rvmvODT0nQisrkPPQEGTcIPI&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 084B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 05:21:21 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 084B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 05:21:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 90E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230105&jk=108627130740098&bg=!tbaltvLNAAYDMoyoIzI7ACkAdvg8Ws1LJzPXsJr3g2ptYbpe-84R1E3YqVqaXc16K6Xm19_c2pvbLQIAAABaUgAAAANoAQeZAu-EC8xNostjd6PjhCNdjF0VPMnHlwKv-O2wBiER7cbfENa6bDeZ5aK4pthuxLH8dVAIodZq76eMxJWKK6YVNVzoKFq1Ii1F4__8pcknTiWPf-a4roqmwu9kYevA18JQd7dgbEOZFeu5vdVjVgdtz0tt5BxFfeYbQGOSbyXkA_rDGhxeCrYnh8BniGxoVZBD3bwtMKtCaYapAcPfIlgU7T08xTikVLfLMtKa7RxPfi0R_gVxmS9lDTyhhLX9AFA6_IT9g_4zmF6tNc2D3_US0If-tCbysHsYm8O3MxjMWd5gghVKIqK0hTgzmHZ4QWJrPH_nj3sNRfoVBsf8Cb3syAoeu4ZkYCThD-bSXNUyeOks9SxX_8Q3OgQhsCBmWyFcVGJU6kYB_YmzuVgyIz9HdvmC_MI7fkSeCnuRoSS-uC7goBj4HeIi5qx6-93Mq2avQATUPir6pFMNOiCbjCwLVeujCjDqlLQdbOTc60-HeLBy7azjQlXA620lcf3sgbu1qFTZmh1BSAuQn21X0n9aPt35-k3pNXrXUnmk9q9_T5NGdcwm0T5JZb94lIsU3qSfd5C6MMOIDcCLqDUI1L2XUjCqteWXz859PV9RCoRRqREhA0HZMMDfCghyJl7J7fD7iqhpGwndtBVNdcT8txz8-EIBjOHKwVTM6K259bUhiwF1Ogg7AVXSd5FrxNPsqPB9CebfZvmb5n0F2QnwwvFCdN4VBK0X9pRGblBiyaN_eTpCfJRxhvS_yKWUcqe-dPqjp_2MxHNQ8Eb06cK5ipvzqLhdw47TzfhJJHiKJIl2FlN-VTFS5YMFSv2Vo4JiKv8kdi0VBhSV3eDy45Kwu7-6jXDgc0rclbIZlcMzgW_IDBW2oAU58cDYNs_zC240Dv-H5-JACQ17RixBGvHifS7DobnjxlO-FcDxJOKklsIkOK60nnU9v7w-pKns8a8bEUy43DMQyIQRLQ0cqy3CrreOzjj_HhO1MfuBknIScznX1dYG
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EA1 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqT--zvW8Y52pGbqT1Ab827XwBgAAAAA4AeAEAg&bg=!zc6lzorNAAYDMoyoIzI7ACkAdvg8Wsi4QfAlAEy4TGlVXnId3igeDPSeIyMhkeCvvVwUVvZJYexWugIAAAC3UgAAAAJoAQeZAub0-QJ_Uaez2QPSIngCk60oYVy6Gjml-U8M3JpdoOeoqJU9rssKmHO8CqaWbE3jBSIxXg9JAw3USLck7_-Q10kt6RNAIjmhDAFGa_GRENVoNl7uVPEzGcLe658dILS2xrwbfOCKEzwjF0V-8ousAbLbTfcaF5bzrQ8AiO-QLWIFBp-SXGHq54z56MqBGHQ96N5r97vWTgChzB4fN9UP7GykMk9hTQo69wOQs35f5M3CZCt1O7R7cYJ5QsZ_pS6mgNMjo36XKAqd6sArrBeQRlmaS5rpXVz9B-57Y1Vgq1LWSuU4uuuy7p7PJKGszdI5cAJxEz2KCg36PP_esHFZ0_xO55jrWGe_iYTPUzc4TZTQv4zMT1H2X33NsyMV3V3YpDn5RGUDRRAQAuHRf1u8nFGZP8-hOyDSlVoZih5IRY9dbGvKo-sfbYoE6mGoS-21dfNJYJFzi9s_dfdgqVyCP9G4dvawcKuzmJqOTiTfshTD-8d6cH19UH8R_Rmq5iA193c7JkkuO_lex66sD4OFKoCMzm9YtZSghSBLtJXSnbYOcOyKygE2jKM5FatViK_CZh3jUbEULX3vdcpwDkUok83bYlk9jpCAZERft6RsafoWczB06_f1Bai1afj9vsg_9Qf00TqAyiLXhQmr4WfqGtoIzvO7cLdF1UOTQWtUIwsJA63lnFdjf_we_QYcS5lgp3n8hwoRjw1i-qYgqqw8aslpZyXtXZ3LTKFDlfMJQG_xU22ayK1mxEhQOQgWSE4XpD0IT4MWzQuXnxWHOF2C74DzFVSUL4cLWgu1Bi8IjE1RwNwFt0wq2Cc-5YGyoF--lwXWQOpdRVr9bp2VOzayHIF8y1oeqY4EgrRg0IfKVr6hKUw-cpeEwQGDaCEEAvwK3UHssF3oOQoJKkBZgn69tFYoB0qviPhhQn0Mg2u0pBO0q3TWC7Irk4J3ypgHGRYkOunk9GuIgjBDCTRvTLemPS9UadcQSFFr
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 395D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPcF63OGtf9jJa9Ye9n7AvAsnIOQhX3Ur_eti_z6BEdNwPt4crKkOmuDWHrhrXqDxgbs_ZY6c_-B2Ie_HoyNQP-yKvFYchfOPyp66lCkipFiZjuHnddnDgjgqJ4croC9AYf4htmE7tePTHXRJYwpf6HntT3-dE67yHNM5aKPC2Hoc35CQtS8aQLr7jUl1vLVCrkj_YcLGRVL2JbPg-KW97k1Aiwqsv9nkXVFbV0sxJaLW4x9ZKMxBpM5G-BisXYCWvLwvsxLwilmWuTS7M2jH0ZwyXk-YC2qb0uJRTg4EPML6Vsf1mjlxTykz2bWHTAX0baMi9dVIiTMf6EZOn0az06ByKXpSP67X8KMsQ_HRJxMsTxksL2uN6QnMumHy7A9sWDkmU9AZqVG1jXg3aBMP9RPgVSFXsp1C-oim0295UGAsL8MuPqNdXSR6Q18h5hk34AFv89gHVD4u5wr2ZKFgtj6vSCGSP7tIN4i4JJbBK74goF3GunXvvnW979S2inCgEic3fQpVO7Joh9N9zmlqkeK_oYOO7tkGggLhMcrQ6WrYS7XyqYovMYzKfCHDe5Raqi9_YsZokNqT84FrIN7NzNGK-kbqz65p8QJ3veoyqun8-7mPnFR11Box7OvMXdkzba9TIzSckTF3uNTcZLMG5YvqgnM-964bia0lVJL4Ns3rDWbVol3Z4dizhlkBYgIdy6aAful84MsZb0lAhDO0jeDW4xtn4DYhOvFvghpiCU6wpxZaY-6Tzv9gvLLzGPdbVKE5enLKqUqJKIJ2GOcPr5yHeOtSldA14TokXoVB102tdT2wamPP082QagjrWvX0vvaBVkahVHV1DE-_DKjKsjfakLvGIG-yLlqVhdBEJ4M7sB73bHWp5FnJNNC20OBUwQlUygDTsMMgIB4JlCItjnPHQzOIWDVvHdok1g4O9ptt92tLCsvTh70l8EU8877o14LDO-CIKIrDHIOzeX30Y4SsHMdiQVpPHWE1jR6_XS4dVzl400dckRAX10Oa0ddUkL9OjTUUII7DwGsHag2ynZYcpOBhY1-JuQlxaEM4tswJSgIgRNkTxeHYJLiTPrQFTWuJX1QnFQztXRYy1crHT_MY0oEriZPKwMXmuL4_t4v_qRWn7YKvDQaauNcPK0gz_z0Y4dd7gAzfRB52ilAzx4nnjUDfQY8nSEX8m1wcUOCQGIC5yo_RlzNSWC4BnaGqCiA&sai=AMfl-YRTUNxwjk3c3SkSRKBMTlsxk-pXudWOkDDoQqE5_tOrB5B6ccTi4nf4VBwI1NDl5pxaeCV4zRBs-lTMY6md5p918gDmtYX0AsPij3qmi2826NacyiJslp0uiDO6YXjhlFM8yRa9zB0yKhYAnYObLc_Q_T9xYB9XQ7mFZ6YYIIK6SDGgDLPBWtR9eSqK0ViSn93F37rblBYuZRjo-1VEmgGyJamVQ6TFYr2Xi-mbA3Wb4mdH3HaD7S2jFRKCCbiOHHEd61OWB5nrqYcZH0xPuL7zya2YQ05YJwHNcACnQzmAQ-n6mUbTbJnMTvt5oOsIMjcFysx3RqzHoExAihnRqMXhwXfYkwy6XQwghqML7Ku0xvu__bq3kepdLSKL7UuEvrKByOioao7UioCUsjpeAQ&sig=Cg0ArKJSzHcmjWrPSDKBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1273&vt=11&dtpt=1272&dett=2&cstd=0&cisv=r20230105.58563&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 10 Jan 2023 05:21:21 GMT
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 084B 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 05:21:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EDC 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvMDWzvW8Y56pGbqT1Ab827XwBgAAAAA4AeAEAg&bg=!nJ-ln9vNAAYDMoyoIzI7ACkAdvg8WowKF1UPpyjoQEBIjNF3VEP717S_LueGPE3EQGnRPHmI9s2MCQIAAACrUgAAAAJoAQcKAEizxdcVBMDQPzc6HvyP_bz59TZMgwlENHSqbGqpTdW9pBMDTybXEftZVnLdNJCY-ax454Z0jhZfQTVqdqxdUNRDY_aur0CRIAmZAtuhGrVUMqIIqlfx8OzIgtGKpy0luaD2y4PH7HPpREeYYRFfZbGsShS8ZAMZzMDIVmmxSBMIvDu25VK3DuR8fstKqLmLdLbuh7KF3iT1rqTYqxIRKdfS2tg10jQVOno5cLKlo0SS2ndyEvBpUE4Y8WoKNJ8BJT7vTUXaMrAs9ytTekbHfFF_12PpAICuRro2Rp4TRst5KYqkGrP_wbAY_VIcFe4P2bV6ifhRKpgjCSXzy0r4PTtic6odEdINIiFAN-OhmSxOpnQ0cdguV66y8xYVjNS6PLkwvt7ZK02KdbHtbko_SQ2RST854-sIcW3Zx7avdjJMcQGZSPDiXXzMZNvA7HcJvksWlRKGydoIOPbrljMI4KFjEjSaHal0V9-zRRMFFPB9xhh_GxHi3uLO7X3-zhjrKLYONkEQhEh_sJlzx0aRdUj_S2MkF_vjajr2ozajgbjDclbmq0DBvyHdyWdkd4OcuotJJGqIpUD4q6LBEQ9Ue2XeKqB3ArrAi2__fbH0Rg1_vJjGO_5PcruKGIDi3G-2et44t3YtcqyKn_SAnLH_hHb7YLLfoD-mBUx5mN6rDr5HcBfLy1Gu2clDn3WU3T7U0TAULEx3ZgAwNzFie5njGp3HB46N3jFM8sIfkkm4JyFJ2j9YHAxPbSJlKR_BjeNoFISaahRfT3Aoy5XE4nYgln5LQ4H0FG52c7TV3zscGH_ZbF8iH-11eaqhH0aWmPye5xf0g5NYnCfN1w359jMtOXn0QNjE_iy-wlKyPdStouDdPAS9clipAY9aTvAIqzYaClaL-uqVqT7EisYFYslGo_mBZXmWImF--aFC5LhQOo8N-ZkIOmSTSg-ZuADiD7M6FDvg6vgjE6ts4BLZgMpQwHTcxtB68NvrqoQYmi0fLydX3SXqBvajhYbCoHlEmeY8-itXZBtmfjJ98cm1PeWPzw45kNVYAUIIyUa28TtldiCBI91nCiuwkg
Requested by
Host: 32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 10 Jan 2023 05:21:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
279224
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		325 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
75e2d9f35784c51f26e71f6eea3c77c659ce1ff3727be67950864462813a682c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
543909
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
72d2e364115958b2c520bfe3396eea9a49f9918499f44adfc40f83ffadaa618f

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 09 Feb 2023 05:21:21 GMT
/
onetag-sys.com/usync/ Frame 3AD8 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1673328076775
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame A222 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 10 Jan 2023 05:21:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8E08 		533 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8e3aae55ced5b89a57776af4feb514df8e5e41121d3619607d990effc97e45b0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Tue, 10 Jan 2023 05:21:21 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame 849F 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-26.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
16795
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 10 Jan 2023 00:41:28 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 281d355987643c0eb0bbf0ab368dda60.cloudfront.net (CloudFront)
x-amz-cf-id
mInPIpzfHLL-1VEHRcK6ZTg_XicDnVWnwD6sKBQPfkIT8UcamHLSOQ==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 7845 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
563
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7872f7fdb880fb98-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 10 Jan 2023 05:21:21 GMT
expires
Tue, 10 Jan 2023 09:21:21 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 960B
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
4d47f0a226df2f27fee630656f5c4f3ac2e6ea6f721cee319f953c6f253c1c1a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Tue, 10 Jan 2023 05:21:21 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 10 Jan 2023 05:21:21 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame CCFB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
82442
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 10 Jan 2023 05:21:22 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 08 Jan 2023 06:27:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
12, 293756
X-Served-By
cache-lga13626-LGA, cache-fty21333-FTY
X-Timer
S1673328082.139169,VS0,VE0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3820 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230105&jk=2728621662198204&bg=!qaqlqu7NAAYDMoyoIzI7ACkAdvg8WrbBV9aRnj5FXoVV5EQwR3frCD6ReDLCZE0BCstDGvNOaGFyCAIAAABQUgAAAAJoAQeZAucDQFrbRzTBnqmUJvHxmftvDSpZF1VDMEGgwli4a-aRzTA5BEF6oANVpS6xIKUKnT9xp519urEQ8FL61yi_wjy_ZLi6N0cMndWifDMNQ0moWDTb9RiyNy01CDG4oBzpSVIvo6SyIeGm0CbBCjAfjLP28NIjGmHcOgLUlCc7ptTdsBj6dGhLhHPWcL9RYYByRywN7-Sk5b43C18Uq7K6kb1kuO5AF-i6R_N6aLxDR1e52dyxvJbnQK8U1JmsbZBCaL2M6G_XzEsd3As3NbjbTu97QAWXRoIVzD1Iq1j90N1MflOHOWIpOWVjJOZEvqeE8OCy5jw45NBetYoDiMlbyPI5r0aJ2xU096bGvPPPwXTSyJegwgLyTB_XziE88G_uFcvjIMMXGD8L4MpSjojT9TIYQMMa6gJY5RXyAjuTpcHMt1egWhQsxTvrHfXvY3-gpkaTZ8qbP7FC6BTa-M4rCJ-6iyt3KwAN8_h1u76W1r70WLzyHtss6RW3dOOspnwx69kGM2qDc_nK5w8nfnogejTTUqDPnI3fOXXFFD3L2HWSFxiPh7aiZm6yqceQ6QDmVVmtAZ920cGBzpwAIS7f76JN5Cn9YHRGiDnu5mfNiKh41M56a8Wb-it7JECiSAJcISVafErjZ1A4voABFwCFDtQdZGXL9ALaDfqbs7UwQGs8J4BZ_Xo9LPKxUqb-YIy9ihnBsraYb2BXROpgF8ol6MpCcukKlhPyWg9p_5rUHsJzWSiMPAxruA_kf46Ko6dsXVGiv3WWqwtn7xlvGilGFYzegDTkgYiHoLMc0Z_w3EUxwAnSl96f_vUCm0gnLE6mnu1Gy5gS91nXuE62jjmMgPoClKBH_iYFmnRu-q_i3ZLaTg-O9MdX-KoXdazk3YtjxM0kJyy-pfKLdUJa0A9Kk_0KliCbNVwuAn1IaZ6pxpOpaymPewsWAB0NYD0sTVmKCDdVRe6XHblnZMWuQiR2CDX6u7W3eZqKcg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 1965 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNU1ku73DwP7BqvqRl7kcSFx-56R7jfgcMnUw81bWHywU-tdtmtuu_i57PGXq7YSO3m5At71IjWH1WwauSKrp0YSKSH7KkyEAW_lO_mEjA_-RQyM_IAbl01HNfRE70VbWillpYxWUw3N2yqFRRz-JU32tLG9RHYxNdstqNkX2NfbOxVyv2hQnsiyNlOChwPNVanNIv42qR21j8qf2zF02bqrZmIdr7F4k7Z0yLcPTXMJwLQyZbcBM03mm3hkjl03DVBAeSSlnW-iTlbQm8pVgCtvz3g0Td4IP1MLRAbUmZ0XfkRtf3gxOxX_o_7DOQfKh3ZJ32bThJxhRzridOT_e41s38fUVC3sIE2_6bXLaekDEltb0P0jkaTiYIt-Lv8jxp2Df8TtZ7-xbXeGWaQ0VLWLg1MUMdfixSr0a8PbIshdEae_ufSysKqIhWBKPI02Cp-5EAWTBFAdNt7uquzP7OYZ4TVn9PZHJ9JnG0g89p61GTEFnTmipatSNDBfy8zn7g1r-RQL238uNRfueezQ5fGshn30cyrXXkbodXPm5zeC-k_8j5GaMssTMxM1ZRIbPhuHmZw44ng5ZuGW1PB-UP18X7dbMVQ9DuItrI-Q_RwPpZ_LSH1lW7_d1kYOcQazR7-ucj2wBS2ytaEXy-KROywa3QLkUWF0dJYHM4BxS_JFAddCJluG_PQcu9hBMr4uu1fQFUMUmA5m9Gb51M3khggCBRLbw0ECXbPMs5BFv_8YLtkeqTApSpvK1g0WE_pJCazf_2Gi5VJIbeoa0BTNvysx7_PYXx5XkUCAjjhDCpWt0KYN4wwdX47lWCGDvHyyWiOLKF-ktuh7hdL-fFt6mZG69H-PzCxeW_DnsuwcEkXGcmu48YQr_6oW0niQ2zQASyl_x293hnkv-UFLkU6TRh1QU0o4n629_j_NgON9e1oRwPxRqZMuUFe2Z98Nm5oFSTDxdU3Z_wxtwWMnjyUZHXRmpBIlakQr4MjV3rXQUXM1s2C6_kru3c4gLdNbOt5A6Kbd9EJxUwA7Qwfv7ucxaawEYWBBzuXxINHQiwWXiPSIaXaHzhkYJScnTbhcZc5X1N0eHQCZgHM6F-dxzLbEAbdGINBs3FTs3l8_gK_sj_vYomv-8REH1Tc4y9to3sWVknqzjQgBOlADVikdtWDNt2fpH62O_PB98N87vfEmT-NIhE9TvkQ2hoPUBmPdo6IA&sai=AMfl-YSb-xxI6hGkxFSQabeUYj4WLxHOE0TK85PbCjvxhhkHJ3fdwO3hln-IL957NK-hsbSD0EbsI2gpxfYgCF4F1Z0D6HK7mTEB_N_bhCEdxJ7nYAJpEzABkRh__ky0w3YXLwnYYEU23fQeTlj-vA3vxrpW8Xc-6M2dl6scFukL7o0S8d6R3BQgRy7TKeW5aHhRNNQcNkLrY4agY6RdDUr51JZ4oIJX1qZXjpYRWGV-qEfVsT-E8nB2WanY2IXahRNEqPmzRmuPX86XX90UBIIRlliAJ3ve_Jd7uHydfi273EsnLNPiKp5VUa5xH0NKni5t27RqS1wbVO_0O3KGSueS3F-zCBWu28_or1X1e33pFdQpaP_E5JC0v38d07eK79fa3-zjEFy9vXrNweFnPq9MgA&sig=Cg0ArKJSzOZw_KLzWIfpEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1533&vt=11&dtpt=1532&dett=2&cstd=0&cisv=r20230105.40885&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 10 Jan 2023 05:21:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EFE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230105&jk=3052707452398066&bg=!CgmlCU3NAAYDMoyoIzI7ACkAdvg8WjB6ee1_8Q5i57ZZtE97KsKmGH5kgiwT4GKVjUHApHtxm1Wz6wIAAACzUgAAAAVoAQeZAt-Aae5awS_PmYxeb4rvE7B3J7gc1kcwAJHL8221A3ZHun2JQckDJVaPoqqsGs5UoyPFPCJb33cUgEGfMTi-VUhOR6-a7wR47SP45HHzBS2adOT7y2__aDyekqvluRht1ROQAqbnhrmt1oG7GIz1U9ki1EpQexlq5SyDTnnJAIvqlYTdvbgIJtB9idFAzhfGmQpYiMRdyZOGF6tfd_nam6g8T2neAM-SUrFtMuR-eGbdqq_jw2-FxxAhnhTJAjTZRCMS88XAfa7yG6hXbHSCQyns_hoUNdZhix4mC_mrw0GLeykEJgEGL9hfpefKM-hBL_j0TGRfEjgOAjdR0r13vnCWcFeN-UPem27dfG3l_-VrnfJV63nxuqXtRv_xdO1acyqyuqvSyyDDUwmNb_d2MdpwJkH8n1w3RFqHY1-iHCO6hX6agKPWOn7YNm_KFDhha8TOTM2euwp2luuGdfgUtHrPUmAn3uhQ0ebdJEzQFrAO0m-ZOv0eh2oweKKzDq26C15H6CxdmxQUXTNI8vXwA2LPZHYAMF1sFpAetqsILoZdzScJG5zHVrkTxHe9NVdPcxcbgjcaNuoKpTq2A-e5oof4sfa0Bm31mfzF9xj2Bv9piQkTDbywu0D5gbdxaXZsCVWWEX3qcO1_aRavRTVQ5uG9B1p89DayoqeXQPgPjzpwXFA8bLUjbC7mki5BkEM76z1HZHCLAsvOIUIPRvQabUgktbbiGcABhRG3AW095kjwtmjtfZ39wOU_oWxe8-NcgZZeKb4-3quZtV0TGeMMVmr0-inm0IZP9Ye7gZKpzWFrI9PZKo9kV7tHD6qeQkkhKscaDXxAmVd2rmxchdXKeoBDCmJx7OJrwvnKSRWBSAuiFtPxW4EBRYOXkN_yPYgoeP5xWud80-nbQbBnR40-DqdfarcWj7FDV6xoVkDXXeS9oVdaEZJEWjc9BatO0yb2J_PGLvB-cT6hJQVCCrodcMs
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame 8E08
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7144589798765820768&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7144589798765820768&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7144589798765820768&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 8E08
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=344141c0-317d-73f7-c4f5-21e6cc1ed692&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b13179aa-bda5-4174-993b-e35908e44d7d&ttd_puid=344141c0-317d-73f7-c4f5-21e6cc1ed692&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b13179aa-bda5-4174-993b-e35908e44d7d&ttd_puid=344141c0-317d-73f7-c4f5-21e6cc1ed692&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b13179aa-bda5-4174-993b-e35908e44d7d&ttd_puid=344141c0-317d-73f7-c4f5-21e6cc1ed692&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 8E08
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7z10sCo5s0AAM2zJm4AAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7z10sCo5s0AAM2zJm4AAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 10 Jan 2023 05:21:22 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.214","key":"Y7z10sCo5s0AAM2zJm4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40016"}
X-SO-Key
Y7z10sCo5s0AAM2zJm4AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40016
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7z10sCo5s0AAM2zJm4AAAAA
Cache-Control
private
X-SO-HostName
a-ad40016.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-IP
116.90.74.214
sd
jp-u.openx.net/w/1.0/ Frame 8E08
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQgL5lJGIGA0ks8ADzHou1h_JM8AAAGFmiA-Mg
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQgL5lJGIGA0ks8ADzHou1h_JM8AAAGFmiA-Mg
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQgL5lJGIGA0ks8ADzHou1h_JM8AAAGFmiA-Mg
cache-control
no-cache
content-length
0
x-amz-cf-id
5UyQ111lAAKfn3Klyb-arLpCMQC8ceRpQMNbu_mhDKgv2x9zOmAgHQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8E08 		170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTgyZTkyMGEtZjgwYS0yZDUzLWQxMTUtN2I1ZjA2ZmMxOGYy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8E08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG6mpIJk2xzrvnSdTUQtbzY&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG6mpIJk2xzrvnSdTUQtbzY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG6mpIJk2xzrvnSdTUQtbzY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 50CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230105&jk=1765725156878927&bg=!eHulez_NAAYDMoyoIzI7ACkAdvg8WnXvHIlbET_B1DW57Jd30PqWb6Zw6vC20dBo4Uy-3En8XAFEBgIAAACrUgAAAANoAQcKAHSGEPazSaQDWM7JTPVS2k_H7OBXOfqita3-cU3Q_VaK2jvqElepAfizQ6TZraRaXrCyv2xL0oMdqMQQl0gBQXfVxnnNjX-50Y7PBhQLpY3Iq8ZRwX0wv1n2j60BfLJepATCUy4QVISoP2ihzS5Dv7nj1QgBypkCw8dH2MiiqKOy8cp0G6FFjrN4ynV6ACmq6Vf2yFbB1vdeJOfXC_m_k2aG-YBEUQA5gyIdzDDtM9lqiZUxvGi7XUVACKF-hu_tL2JDSV1KLJdCLIVLOeFyfiH6vk8y6QMDuj8D_z-MUnI7WOAbRRsRSmfPhIWqg5ZxET3zNTRzHE70wQzRSKSOAlcQA9V8LsZV7SroOgMfUsG0Bz221k1wZ3_bEysCN8kQL1hN4UKOSX1fhhhIfnfT8Kdku66du5f0nTjHPQc-OscjCZzPyoNIB_NjIsB8VBPwJznRFr5TSVRq5oJZzhLrUoPEmImf5PTf2TuObFRqd-SyNLTQjXZimdQ-VqcUa6SOkDwXlt04odTclC2IuvWVaY5DbbgsI1Vy7I0k0hMcE2QeTGp8uy2f8XDTyetbR-vfU59LfF2IOQJEyNFan2CRHhN1GdNmrox1AyhPuDJIsvHh-MCXF3Kp-3r74sZN_fP8-j9qc_WORVNa8akqvmTVwUs2pUhKrk45kiNKxBwE8Tq6ezsxEeo4DL0_PyNI1aTXSwcWycfTd8FOF3drO19J05DkvIBM8JsHUmUGJOxvoRfKbJJqtGibxkuEXGfV8wWoMa5lA996M3WUhkJMiAMAxLgMKMfdIwWHKQdacgyxJeMDzaDAPlKMENudVfEsN-_f0X8g2KXMrSFy9j9hSLG90G6SQKkzXn2nO52LH7SkYt7nas1XVTO4BKK5dD-5puh3ev9H9AzM7oZc2Y_4Bm8Y9osjkM-mafR2_zS-3mjVkMZqd-IBrKQ7tI66C4oKugp_BXOEYiWYcrRjX3LNvJ-0QaxmpRQ_ZbLmtajmQGv9FL3j7c6eLk0PaC5VNtL_9nj3hIvtkVFZyHaJddq-UBKYd7eiYwQYKKHfCQBWQMRS_DOBpgdrGEsM_UeLI5hs0e7zshQprr2oBRZ8vxK1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7474 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230105&jk=3731464552959137&bg=!xMelx4PNAAYDMoyoIzI7ACkAdvg8Wrpq6dXcvuAWr2GH6_ns7rmlmRWvUchTMGQyJ7onyuN1MFTCtwIAAACjUgAAAANoAQeZArKNcQAQJgk7_-yhf19vg6gKF2J-E0f-hTc675z9B2u0K4YnL_-7uhcHsDlOph1RQkVpEGs-Y4LT_U1zDT0985YQvC5YJ9hpU8iiKD6ZrswsE8rZfzGNw3CM6vta3pdH6q6Mb5W8yDcD-AppqRO77U1UQZ111qLmZsEzbxFixYSQCQ33E__uG0Ufo8iha2U8cwYfTc8Qn1qttWklBXkFup8sMx99S2yZ214UPP372Kam4G5PoVfxbZbeyeF-zKPy2HBRuD0AEjjyuvyTsoLP56X2hr1mBnOsCBXwsCZhqd8ucVOjv3YBdupTwZco05KchHzIVZFI4_zihhE0lvho8T-_rb-FJ1gjOW0x5jIsNy82m1uoSaaTW2lN-hgjPJk9kWM05CHO_Qa3QiI4LQ6q83EXR13cIHuUns8pO0IeOAVCr-K-BWnZ-OSkX6agpZUFM8wERUWYhtqK6HTXFW4yUo4pzZnVsQgtcogyJ8SNnU14Cd8k84KK-AW4CL1TDTFcjR6NnDTIagHJEkrnohT0BFIKxkw_p7s_QnF2t-uN2xZjeytk_QTAgfuAsQhtPRvpuNbJgA9ngwMT0BeCYldzs6igwlAfPaOKr0mxOV9Cec-FHr4-t8cRTxFfoPWp0DdtitRu60Ue45rTp252RGBg58XGDIyUjbVnMg_r1YYqA2dAcdGCCn27iAWU0_6IhsWUyoP62Sr6wZ2FyQ7Xxot1Jp_bk6lRmMGcCXycVGAohTM2gPxwvGfez7K3IMlOtyhYoa9nS2zMYTPGRoywFpBZgBzzSQdomY5zsUJHsgBxHpRsXiionHy2cdW1pf0oU2vSqsxY-Yt96eAgx8xCksGTgWfl_iarcEtjnLmS4hgYGk2z4ZpD0hbeR1P9ulS--qfYFlMJbYrGpzd3IobwWWUMfHZv1Ss
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usermatch
ssum-sec.casalemedia.com/ Frame 8145
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d383753b69e3d73a473522231ba77da35413c79389c6164468bfba7244142494

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7872f8031d14a894-SYD
content-encoding
br
content-type
text/html
date
Tue, 10 Jan 2023 05:21:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuB1sxM9104NSvG8xPeX3sFAcdCcvjxxODNehRr%2BBeFEdQ8ebgJTsOLe8wE%2BrHZxpyGPoqYUrxIONcMcTUzngn5W82bS4l02dkOcHtuVH%2F0TbaoJ%2Fj55SNlOzJ89TGGImW4a8zsPtU4%2FpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7872f8009c00a819-SYD
content-length
0
date
Tue, 10 Jan 2023 05:21:22 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWPP9UZK6r9phdiKeDSnJx1R%2F86mlVGKt520QqvEZwJl0PTewqV7E1H%2FPBjNXIQlRKjRkWTQidA%2BWlDfzBbYPlZ0x4XiTGlUUMrVwqaYcyk44W67YCvCnRFdf1cmuo1IfUqwaRWxYR9zxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
all
csm.as.criteo.net/ Frame 084B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=xEHYNEH5JVVIgAMzssqO_vgb89We3NIoCv35VZnc2sX1iUL9z1A2NhwCmGxJl6m588oQK56maSJnJJcPqCzelRiff4Es9TIB_kVl0IPu8Q3n-4y9PShCYh3wquSAcHXV5rzHKjPPw758-2bSLBKBASDqP6iz0bTzvfVxNMge-baPt-6YAsOfJ6Dt7DcCaT2n9bvBLXjnDgDfJ5Yyoe8uP-Fl5-RBi8X9r0XnlxaENUjf-pD_J0B80dl6rvmvODT0nQisrkPPQEGTcIPI&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7z1zgAGVJ8K1Qm6AA1t_ODVmX40xTzsqvX2Zw&u=%7C%2FCxhmg7i62uX6vPDi9kwjzLiyT4d4w9W3TcE4OtdYws%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40Bln4ZylUC01kwOA1RNMud5MPvAi5Vs6W5S44HUA5tQwT0P8o9rrd-Kj1MHSs8JwMhuET1RPKqyr_yINdZtwGBG4a-EKL9tM1LuJc7W8i2JBWQpHsdNOrPsjMHwhWssYRFy1Fs6EX4FgLQx5Z-nox05CNCT92A7IJEScUCCHrtDSInLkEoauaIb6kNhS8SlZOhblAjhRv6to2TsvogUH4rzCORdPa750MHYn9_Dh4BjCBo_Eu4m2DqqFvis3-huOyswXJLX9z5etYse2cDErmfFbfp69RTt5AZjDTyE9zlOx6dGs9a5XaWNGavnqxzwMheWaatF7Qf2aXHr09xl5A40TMoBfj0KgtKYPEVP3GApwLwhrNP3kO88vQFE-90qwV8UvO6L-mVfH9QCEfTXSFLr53girV-G-eQcXnA5LKFrTtWiBbkFH0tk2pu84KrwdwRTJEvH0JCFJjYNvWLCl8YDiHCxEbMrOX6FaK6tCzhrl9Hay89BS64j1p3nZSvEgXXQ1PIeDsM8VLW680KXSTPNqnNtEvA8IkiNHXOTzcQaZzUVzlwfiT6SCmlxo8UWILSKxkhaRvBZg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4obBzvW8Y5-pGbqT1Ab827XwBpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAq3YcSKbMac-4AIAqAMBqgSrAk_QShXgpOiHKewWhF5y_icS3lg71pAPKEWifSZDu2NlNBAvJyVB7ZNJA5ke5A-51bHYozuAC-lu72nH4Cbb1Cbsr2Oi-IR0h5muERBaX2ct-i9Qe1YIWzR4flR1C_g2Y5NI4DgmvkMjLjN5_io0LWOUVZdRrZSzLOBmW8rTzAqORDAfRpf4fOAaLYV35dnchHsSmOTYW3mvc7Js_tDjITtHLsighjqybl3PMcPSV9SbNW0Wxx3HQatYwoMOkGyLq0m95wcOSfO5KwKrs8Tz7UORHb4yCanMv4OYwa9QEU97hW6znlftGIE4p98uLuEbEK8AmhwOWzGcoGkrjYZcfYJI98zt_-bUEA3uT6na2ydnFvYvD6VtsWogMZzkYsqFV62jg_vfVh--NCSz4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ezOOAp_yj3maMfvTuA1QpGagymw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 10 Jan 2023 05:21:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
xuid
eb2.3lift.com/ Frame 960B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b13179aa-bda5-4174-993b-e35908e44d7d&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=b13179aa-bda5-4174-993b-e35908e44d7d&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=b13179aa-bda5-4174-993b-e35908e44d7d&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 960B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM4NDU1NTg5MzkyNjI5NjE5MjE2OQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 960B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkEyUoGqwLWhdMGwKTo6YI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkEyUoGqwLWhdMGwKTo6YI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkEyUoGqwLWhdMGwKTo6YI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 960B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM4NDU1NTg5MzkyNjI5NjE5MjE2OQ%3D%3D
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM4NDU1NTg5MzkyNjI5NjE5MjE2OQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM4NDU1NTg5MzkyNjI5NjE5MjE2OQ%3D%3D
date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 960B 		0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4384555893926296192169&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:22 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 78C2CB14825A4D9DAF760E94DFA2BF5A Ref B: SYD03EDGE1021 Ref C: 2023-01-10T05:21:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXx4g30RmTjY2/T/cM5aA==
receive
pixel.tapad.com/idsync/ex/ Frame 960B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4384555893926296192169&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4384555893926296192169&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=705ac2ed-5e5a-46e0-9b8e-590b7622ccc4&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008354815659&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
0
0
xuid
eb2.3lift.com/ Frame 960B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4384555893926296192169?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-4DkrPcdE2oQAmyl3qVSnxa6Fvjp63F0_PcnjQGuuzA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-4DkrPcdE2oQAmyl3qVSnxa6Fvjp63F0_PcnjQGuuzA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 10 Jan 2023 05:21:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-4DkrPcdE2oQAmyl3qVSnxa6Fvjp63F0_PcnjQGuuzA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 960B
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4384555893926296192169
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4384555893926296192169&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4384555893926296192169&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MGSTNZ1QKMY7H33DPD8V
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4384555893926296192169&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 960B 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4384555893926296192169&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
last-modified
Thu, 05 Jan 2023 17:41:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7090BD0EFAB247D39876E9B8996708E2 Ref B: SYD03EDGE1316 Ref C: 2023-01-10T05:21:22Z
etag
"f0942be52c21d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 960B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=754610246291418313&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=754610246291418313&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 10 Jan 2023 05:21:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 10 Jan 2023 05:21:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
67321e5a-b0b5-45ea-b597-77bf3a3a5864
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=754610246291418313&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A222 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
49a33af8aef09f18689e1c73ff8bdb3fb73c2eb70de0e046b1fd6e3317a40954

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 05:21:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 00:44:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69789
Connection
keep-alive
Content-Length
10067
Expires
Wed, 11 Jan 2023 00:44:31 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1965 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaPz22qdpTQ63SyflP3rY8IzhA7Xo-p6hMt8WSbL_UXrKdSkiLc3Ns3F_HdcxEXlsra3yIk1DAXclJaU87KV-sV6fSjIa1BGYdiArfz6-UtmZR665Ad68wXA&sai=AMfl-YSYBsqxHC4E6WwANDqaeu8K_-Ng7RKtE6njLJDpZdnirmyFmDOq1OgTMos-z2dZJbUm6kOKIQ7AEwBDxa_SHJFmKAO889t66spZG9d1Fa7w4jxVv3QG23Iwx0kwRw&sig=Cg0ArKJSzMVEHB7qtzc0EAE&cid=CAQSOwDq26N9r48U8VKKwHv7Fau3zESMa3lwt6QiY9XOXLG7qgsElIAXTltupLv41JA-1KKhTMZABdvauCJjGAEgEw&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673328079233&rpt=2042&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CCFB 		0
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:22 GMT
AN-X-Request-Uuid
ef56564f-8a91-4c2f-9083-092dde7d5c44
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame B4D8 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.233.239 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-233-239.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a0a2df3baddb4df463786aa3ba32796cfa0d268ff419d25f5324d3da8857770

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 10 Jan 2023 05:21:23 GMT
etag
W/"0e586276e2e91193e411abc93f69a48d1"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 571D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 4997 		887 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
38ac30cfb2837ee59dee06f8ea552deb004edce6e9fea5a05f71d0dea6dfb540

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
887
content-type
text/html
date
Tue, 10 Jan 2023 05:21:23 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 889D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265be2ecc4ec1791abd894e64598c9a369ed8eab91f1e4f780f9011db863b3eb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7872f803cdd9a894-SYD
content-encoding
br
content-type
text/html
date
Tue, 10 Jan 2023 05:21:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlRBDdOHoF8qFzfOJARr%2FERyWn8tm40vfPhR00FM9oBNMF0X4CRRI3CA3qI9bzEKup86gd5tOLLz8S%2By3lD45x9pwdXQGOTHXt4vH7uvXV0Tbz2D41volkaRcE2Z2h7H6ggYCF1kv9QnFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C452
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 10 Jan 2023 05:21:23 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 10 Jan 2023 05:21:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B37D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39576
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 10 Jan 2023 05:21:23 GMT
expires
Tue, 10 Jan 2023 16:20:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 7D26 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-118.sin2.r.cloudfront.net
Software
/
Resource Hash
bd0a7b3d029bf4546ccd7a859eceb0158a3640e75051a33a31bbc2964c30db79

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Tue, 10 Jan 2023 05:21:23 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
x-amz-cf-id
9GsEbqGOdtc_WpAUDSDUxGGBlIwEY2pALm6T-QR1-IkpizA9-lN_jA==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 849F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=754610246291418313
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=754610246291418313
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.124.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-124-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Tue, 10 Jan 2023 05:21:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0a09ef03-3f89-439b-86b4-411cb45b7f67
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=754610246291418313
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 849F
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=F9hhDRZHCbGFDc8IS1ya_ow0
0
0
sync
ads.servenobid.com/ Frame 849F
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=F9hhDLZHvYQkgSBUQuS46LNR
0
0
b13179aa-bda5-4174-993b-e35908e44d7d
sync.1rx.io/usersync/tradedesk/ Frame 849F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1673328083447
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837057233
  • https://sync.1rx.io/usersync/tradedesk/b13179aa-bda5-4174-993b-e35908e44d7d
0
0
cm
p.rfihub.com/ Frame 849F 		0
0
sync
ads.servenobid.com/ Frame 849F
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=2825e28a-0c5f-4ecb-a68a-7f115f85bfdc
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=2825e28a-0c5f-4ecb-a68a-7f115f85bfdc
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.124.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-124-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-65
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=2825e28a-0c5f-4ecb-a68a-7f115f85bfdc
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
ap.lijit.com/ Frame 849F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D23bbb514-9d25-44f8-84a...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D23bbb514-9d25-44f8-84aa-c65402d361cc%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
209.191.163.209 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 10 Jan 2023 05:21:23 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5149%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D23bbb514-9d25-44f8-84aa-c65402d361cc%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 849F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.124.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-124-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
date
Tue, 10 Jan 2023 05:21:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame 849F 		0
0
sync
ads.servenobid.com/ Frame 849F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.124.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-124-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
date
Tue, 10 Jan 2023 05:21:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
activeview
pagead2.googlesyndication.com/pcs/ Frame 1897 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRlNgv4ECaAx7F0b2xqamOlY94E37WxAVN34rRKRp2RM6A0Y1IowHPDyU5WxcD9GivRuChTA9oeBlWualqczdvhXQo&sig=Cg0ArKJSzJ81L3Gsuno7EAE&cid=CAASFeRotL4uqYqMwIfRZyx7IDJjaoxjrg&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673328079271&rpt=2260&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A222
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b13179aa-bda5-4174-993b-e35908e44d7d&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b13179aa-bda5-4174-993b-e35908e44d7d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b13179aa-bda5-4174-993b-e35908e44d7d&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame A222
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
0
0
ecm3
s.amazon-adsystem.com/ Frame A222
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=340w14P5R1SzUNAZbWGJcw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=340w14P5R1SzUNAZbWGJcw
0
0
setuid
px.ads.linkedin.com/ Frame A222
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCPSBZFV-1X-9I5B
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCPSBZFV-1X-9I5B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:23 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0E49A5ECE591417B8405AE3BA85133CC Ref B: SYD03EDGE1021 Ref C: 2023-01-10T05:21:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXx4g4MB0wRaA+yluQ4Mw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCPSBZFV-1X-9I5B
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A222
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ltwflla4DoOXW6psaCICJ8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2zd09lFE2oI9pvN4izw3pkG7jxdr.LEz0fxV5g--~A
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2zd09lFE2oI9pvN4izw3pkG7jxdr.LEz0fxV5g--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 10 Jan 2023 05:21:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2zd09lFE2oI9pvN4izw3pkG7jxdr.LEz0fxV5g--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame A222
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENQU0JaRlYtMVgtOUk1Qg==
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENQU0JaRlYtMVgtOUk1Qg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENQU0JaRlYtMVgtOUk1Qg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A222
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELJJhDqQvXeqItpdRPwP1XY&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELJJhDqQvXeqItpdRPwP1XY&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELJJhDqQvXeqItpdRPwP1XY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A222
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhmMjIxMmM1NDM2ZTE3MjFkOTJmZTQ1YWY2YzZlOWFmZGI5Y2Y1Zg
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhmMjIxMmM1NDM2ZTE3MjFkOTJmZTQ1YWY2YzZlOWFmZGI5Y2Y1Zg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fei-qi-30duo-nian-xi-ban-ya-zheng-zuo-cun-luo-shou-chu-zhi-mai-980mo-tai-bi.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhmMjIxMmM1NDM2ZTE3MjFkOTJmZTQ1YWY2YzZlOWFmZGI5Y2Y1Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
activeview
pagead2.googlesyndication.com/pcs/ Frame 395D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttOC8JZ_y9Y4GM5_PiwzTYR7exLAR0BW20rjvRC2a55-j7Wjbpr2V7JsphYL7kte1v1IDGXsPyw4FCCTurS7Fk0F_qiO_tnfRf_xpPcNtaYT6TJRMTJQD4XA&sai=AMfl-YTOsC4FgWE7XPgSEs6ZvCGfVfW6UIflirfCDINkR15QlXDjDjUgSbUgErYPnm5WzhpwGK92nT4P4OWPnxUZHrybUNQI-x9d4Au-x0hTSIO4Ni_UeaSiQq2uGH5Gqw&sig=Cg0ArKJSzI3pF6I0D5DdEAE&cid=CAQSOwDq26N9r48U8VKKwHv7Fau3zESMa3lwt6QiY9XOXLG7qgsElIAXTltupLv41JA-1KKhTMZABdvauCJjGAEgEw&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673328079267&rpt=2428&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8145
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10vBu9BZ6gdpfiiVpkwAAElkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10vBu9BZ6gdpfiiVpkwAAElkAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10vBu9BZ6gdpfiiVpkwAAElkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0B61NRY9FVRD89XBM3PQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TK6GRRS90MHAWWA9YH22
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10vBu9BZ6gdpfiiVpkwAAElkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8145
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7z10vBu9BZ6gdpfiiVpkwAAElkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC1AsOnGTk6AEGGwBV5zKow&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC1AsOnGTk6AEGGwBV5zKow&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzxXyt5gCU8QMwfu7LJMvYvqjsM7MFw5sc%2FI4Ex2XLqORaHRrK%2BmvP90gGP29U6OjH9mBfhSC5RZwikaVRSApg4Qsbg8%2Frkk813DQRZ0L4%2B8Bmitnw6kPrKO9SzfWWmYFMp99XDU5eA8Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7872f8079a62a894-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC1AsOnGTk6AEGGwBV5zKow&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8145
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b13179aa-bda5-4174-993b-e35908e44d7d&expiration=1675920082&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b13179aa-bda5-4174-993b-e35908e44d7d&expiration=1675920082&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b13179aa-bda5-4174-993b-e35908e44d7d&expiration=1675920082&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 8145
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y7z10vBu9BZ6gdpfiiVpkwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJDwX7vHdS_hN7Zl8OQnW0k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8145
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=b41a4b44-2769-166a-67fb1403
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=b41a4b44-2769-166a-67fb1403
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Tue, 10 Jan 2023 05:21:23 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=b41a4b44-2769-166a-67fb1403
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
rum
dsum-sec.casalemedia.com/ Frame 8145
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=GhuTukodkr8BScngGhDc4B5Lw70BHpPrG026nobP
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=GhuTukodkr8BScngGhDc4B5Lw70BHpPrG026nobP
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=GhuTukodkr8BScngGhDc4B5Lw70BHpPrG026nobP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8145
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=index_exchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y7z10sCo5s0AAM2zJpQAAAAA
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y7z10sCo5s0AAM2zJpQAAAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 10 Jan 2023 05:21:22 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=index_exchange","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.214","key":"Y7z10sCo5s0AAM2zJpQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40351"}
X-SO-Key
Y7z10sCo5s0AAM2zJpQAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40351
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y7z10sCo5s0AAM2zJpQAAAAA
Cache-Control
private
X-SO-HostName
a-ad40351.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-IP
116.90.74.214
crum
dsum-sec.casalemedia.com/ Frame 8145
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANo507HeewAACBg8TUHxg&expiration=1674537684
0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8145 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y7z10vBu9BZ6gdpfiiVpkwAA%264697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:23 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
61416
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7872f80a2f06fb90-AKL
content-length
43
expires
Wed, 11 Jan 2023 05:21:23 GMT
dcm
s.amazon-adsystem.com/ Frame 889D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FZRHWNVJ7KBSEDK8QBA7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3KAXSGM8K8969Y5W7TBG
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 889D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b13179aa-bda5-4174-993b-e35908e44d7d&expiration=1675920082&gdpr=0&gdpr_consent=
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b13179aa-bda5-4174-993b-e35908e44d7d&expiration=1675920082&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b13179aa-bda5-4174-993b-e35908e44d7d&expiration=1675920082&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 889D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC1AsOnGTk6AEGGwBV5zKow&google_cver=1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC1AsOnGTk6AEGGwBV5zKow&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3pmaHF7i7caoWXofD%2Bm0k5%2BJ%2FNGxLEQyj9jqZVYZ0TT9DNfpGtXLhsEfXOeN0bpUcH%2F%2B7GpH2E%2Bn%2FCk2ZDA5RP92gN3CwDI0fL2QRWB8hxHwkbR3upWGwR9pkW1YaJKqrN%2FSJIraQOU3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7872f8084b08a894-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC1AsOnGTk6AEGGwBV5zKow&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 889D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.31.174 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-31-174.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 889D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y7z10wAKnA0gRgAp
85 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y7z10wAKnA0gRgAp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
151.101.66.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fty21359-FTY
pragma
no-cache
date
Tue, 10 Jan 2023 05:21:24 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1911
x-timer
S1673328084.146640,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
10057

Redirect headers

x-served-by
cache-fty21359-FTY
pragma
no-cache
date
Tue, 10 Jan 2023 05:21:23 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1673328084.765772,VS0,VE14
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y7z10wAKnA0gRgAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 889D
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688966483&external_user_id=79728dbd-f2c1-418e-a0b6-9f22148d0e2d
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688966483&external_user_id=79728dbd-f2c1-418e-a0b6-9f22148d0e2d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Tue, 10 Jan 2023 05:21:23 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688966483&external_user_id=79728dbd-f2c1-418e-a0b6-9f22148d0e2d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 889D
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63bcf5d3741c1&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63bcf5d3741c1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63bcf5d3741c1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Tue, 10 Jan 2023 05:21:23 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63bcf5d3741c1
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
rum
dsum-sec.casalemedia.com/ Frame 889D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4262286037248703328
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4262286037248703328
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4262286037248703328
pragma
no-cache
date
Tue, 10 Jan 2023 05:21:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ads.servenobid.com/ Frame 889D 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.124.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-124-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame CCFB 		0
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Jan 2023 05:21:23 GMT
AN-X-Request-Uuid
dd103170-cec2-47a6-a153-5b4ca24d512e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.214; 116.90.74.214; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame B4D8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=754610246291418313
0
0
/
c1.adform.net/serving/cookie/match/ Frame B4D8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_8be1e3c9-2b4b-4274-aa17-a53034e79bb5&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
0
0
usersync
usersync.gumgum.com/ Frame B4D8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a9900775-d885-4280-7ce5-221f1d6e12ca$ip$116.90.74.214
0
0
23178
stags.bluekai.com/site/ Frame B4D8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_8be1e3c9-2b4b-4274-aa17-a53034e79bb5&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=lXhSoj9FHRh6YHSBYpR7&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
0
0
b13179aa-bda5-4174-993b-e35908e44d7d
sync.1rx.io/usersync/tradedesk/ Frame B4D8
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1673328083550
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3710609695
  • https://sync.1rx.io/usersync/tradedesk/b13179aa-bda5-4174-993b-e35908e44d7d
0
0
usersync
usersync.gumgum.com/ Frame B4D8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=GRxl4OxRs7TY&ev=1&pid=558355
0
0
redirectObuid
sync.outbrain.com/ Frame B4D8 		0
0
usersync
usersync.gumgum.com/ Frame B4D8
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c37ce5b0-1968-4ba1-a38e-310b044ed7d4
0
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame B4D8 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame B4D8 		0
0
services
sync.technoratimedia.com/ Frame B4D8 		0
0
142
match.deepintent.com/usersync/ Frame B4D8 		0
0
server_match
ad.360yield.com/ Frame B4D8 		0
0
sync
ssbsync.smartadserver.com/api/ Frame B4D8 		0
0
sync
ads.servenobid.com/ Frame B4D8 		0
0
cs
cs.minutemedia-prebid.com/ Frame 7D26
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212075052309978
0
0
6185b9cf4d72f7e454746134b8c78716.gif
cs.krushmedia.com/ Frame 7D26 		0
0
sync
rtb.mfadsrvr.com/ Frame 7D26 		0
0
cs
cs.minutemedia-prebid.com/ Frame 7D26
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=b71021a1-f28f-4d18-8e0a-0afcbac8163c&gdpr=0
0
0
minute_media
cs.admanmedia.com/sync/ Frame 7D26 		0
0
getuid
eb2.3lift.com/ Frame 7D26
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F2670%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D23bbb514-9d25-44f8-84aa-c65402d361cc%26bidder%3Dappnexus%26cbx%3DaHR0...
  • https://prebid.a-mo.net/cchain/0/2670?gdpr=&gdpr_consent=&us_privacy=&A=23bbb514-9d25-44f8-84aa-c65402d361cc&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9...
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F2670%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D23bbb514-9d25-44f8-84aa-c65402d361cc%26bidder%3Dtriplelift%26c...
0
0
server_match
ad.360yield.com/ul_cb/ Frame 7D26
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
0
0
cs
cs.minutemedia-prebid.com/ Frame 7D26
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g8bc675a5d2f2478579c&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
0
3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame 7D26 		0
0
occ
ups.analytics.yahoo.com/ups/58611/ Frame 7D26 		0
0
getuid
eb2.3lift.com/ Frame 7D26 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 7D26 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 7D26 		0
0
pixel
ap.lijit.com/ Frame 7D26 		0
0
us
sync.go.sonobi.com/ Frame 7D26 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 7D26 		0
0
rtset
bh.contextweb.com/bh/ Frame 7D26 		0
0
redirectuser
ssp.disqus.com/ Frame 7D26 		0
0
getuid
secure.adnxs.com/ Frame 7D26 		0
0
cm
u.openx.net/w/1.0/ Frame 7D26 		0
0
sync
x.bidswitch.net/ Frame 7D26 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7D26 		0
0
match
ads.betweendigital.com/ Frame 7D26 		0
0
sync
ads.servenobid.com/ Frame 7D26 		0
0
oRTB
sync.inmobi.com/ Frame 1625 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7936 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39576
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 10 Jan 2023 05:21:23 GMT
expires
Tue, 10 Jan 2023 16:20:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame AC4C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=b13179aa-bda5-4174-993b-e35908e44d7d
0
0
usersync
usersync.gumgum.com/ Frame 0ACA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=ee0463bc-f5d4-4700-b7b5-e8bdeac49805&gdpr=0&gdpr_consent=
0
0
usersync
usersync.gumgum.com/ Frame 1C4D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y7z10wAKDHVilgAe
  • https://usersync.gumgum.com/usersync?b=atm&i=Y7z10wAKDHVilgAe&gdpr=0&gdpr_consent=&_test=Y7z10wAKDHVilgAe
0
0
pixel
cm.g.doubleclick.net/ Frame 71F8 		170 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84YmUxZTNjOS0yYjRiLTQyNzQtYWExNy1hNTMwMzRlNzliYjU=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 05:21:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 8BEE 		0
0
usersync
usersync.gumgum.com/ Frame 35B4
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y7z10sCo5s0AAM2zJpQAAAAA
0
0
gumgum
cs.admanmedia.com/sync/ Frame 47F1 		0
0
usersync
usersync.gumgum.com/ Frame EF9F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y7z10lto6UCP9PkAwtBI5AAA%264988
0
0
cm-notify
creativecdn.com/ Frame E499 		0
0
usync.html
eus.rubiconproject.com/ Frame 701D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 10 Jan 2023 05:21:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 10 Jan 2023 05:21:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 967A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 10 Jan 2023 05:21:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 10 Jan 2023 05:21:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 71E5 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
PugMaster
image6.pubmatic.com/AdServer/ Frame B37D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26082677&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8e3ef7392a35c2b23be083f7438bb25012d120d1acf31c0c830ce8d0768f77f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 10 Jan 2023 05:21:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame C452 		0
0
sync
ads.servenobid.com/ Frame 4997 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7734513025579278792&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.124.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-124-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 4997
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y7z10wAKnA0gRgAp&gdpr=0&gdpr_consent=
0
0
generic
match.adsrvr.org/track/cmf/ Frame 4997
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5174024033
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 4997 		0
0
sync.php
demand.trafficroots.com/ Frame 4997 		0
0
match
c1.adform.net/serving/cookie/ Frame 7B6A 		0
0
img
sync.mathtag.com/sync/ Frame 9C2C 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 9444 		0
0
send
cm.ambientdsp.com/cm/ Frame 2FAC 		0
0
getuid
ib.adnxs.com/ Frame 40C7 		0
0
sync
ads.servenobid.com/ Frame F15D 		0
0
pixel
cm.g.doubleclick.net/ Frame B37D 		0
0
420486.gif
idsync.rlcdn.com/ Frame B37D 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame B37D 		0
0
pixel
cm.g.doubleclick.net/ Frame B37D 		0
0
pixel
cm.g.doubleclick.net/ Frame B37D 		0
0
pubmatic
um.simpli.fi/ Frame B37D 		0
0
1E4E89B4-A8B6-4A88-8831-F600A7B5003F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B37D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1E4E89B4-A8B6-4A88-8831-F600A7B5003F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.31.174 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-31-174.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:21:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame B37D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b13179aa-bda5-4174-993b-e35908e44d7d&gdpr=0&gdpr_consent=
0
0
sync
ups.analytics.yahoo.com/ups/58292/ Frame B37D 		0
0
usync.js
eus.rubiconproject.com/ Frame 701D 		0
0
usync.js
eus.rubiconproject.com/ Frame 967A 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008354815659&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=F9hhDRZHCbGFDc8IS1ya_ow0
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=F9hhDLZHvYQkgSBUQuS46LNR
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/tradedesk/b13179aa-bda5-4174-993b-e35908e44d7d
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=340w14P5R1SzUNAZbWGJcw
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANo507HeewAACBg8TUHxg&expiration=1674537684
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=754610246291418313
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sta&i=0-a9900775-d885-4280-7ce5-221f1d6e12ca$ip$116.90.74.214
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=lXhSoj9FHRh6YHSBYpR7&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23CYNBJW62RZIZEFE2BWLFEFGQSZOBJDOJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/tradedesk/b13179aa-bda5-4174-993b-e35908e44d7d
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pln&i=GRxl4OxRs7TY&ev=1&pid=558355
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=c37ce5b0-1968-4ba1-a38e-310b044ed7d4
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_8be1e3c9-2b4b-4274-aa17-a53034e79bb5
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212075052309978
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=minutemedia
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=b71021a1-f28f-4d18-8e0a-0afcbac8163c&gdpr=0
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F2670%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D23bbb514-9d25-44f8-84aa-c65402d361cc%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID&gdpr=0&gdpr_consent=
Domain
ad.360yield.com
URL
https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g8bc675a5d2f2478579c&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=348&uid=S-J9_OFaC_mm
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=ttd&i=b13179aa-bda5-4174-993b-e35908e44d7d
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mmh&i=ee0463bc-f5d4-4700-b7b5-e8bdeac49805&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=atm&i=Y7z10wAKDHVilgAe&gdpr=0&gdpr_consent=&_test=Y7z10wAKDHVilgAe
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=Y7z10sCo5s0AAM2zJpQAAAAA
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=a_8be1e3c9-2b4b-4274-aa17-a53034e79bb5&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=iex&i=Y7z10lto6UCP9PkAwtBI5AAA%264988
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y7z10wAKnA0gRgAp&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5174024033
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
demand.trafficroots.com
URL
https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=1E4E89B4-A8B6-4A88-8831-F600A7B5003F&gdpr=0&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
cm.ambientdsp.com
URL
https://cm.ambientdsp.com/cm/send?vc=pmj
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=316&uid=1E4E89B4-A8B6-4A88-8831-F600A7B5003F
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Hk6JtKi2SoiIMfYAp7UAPw%3D%3D&gdpr=0&gdpr_consent=
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/420486.gif?partner_uid=1E4E89B4-A8B6-4A88-8831-F600A7B5003F
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1E4E89B4-A8B6-4A88-8831-F600A7B5003F&sInitiator=external&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUU0RTg5QjQtQThCNi00QTg4LTg4MzEtRjYwMEE3QjUwMDNG&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b13179aa-bda5-4174-993b-e35908e44d7d&gdpr=0&gdpr_consent=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1E4E89B4-A8B6-4A88-8831-F600A7B5003F&redir=true&gdpr=0&gdpr_consent=
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| ucf object| request string| paramsString object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover function| setImmediate function| clearImmediate function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags boolean| ampInaboxInitialized object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| ampAdPageCorrelator object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries boolean| descriptionPage object| dataLayer function| gtag function| quantserve function| __qc object| ezt object| _qoptions object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

78 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQwPiA0dkwCgoIgQIQwPiA0dkwCgoI4gEQwPiA0dkwCgoI5gEQwPiA0dkwCgoIhwIQwPiA0dkwCgkICRDA-IDR2TAKCQg6EMD4gNHZMAoKCIwCEMD4gNHZMAoJCF8QwPiA0dkwCgkIHxDA-IDR2TA=
.aralego.com/ Name: sspid
Value: db0ef74a-da38-3401-bc96-f1c18665a63c
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmSV4bwEM8vATQDSzB-ZIOA9gTUd9WaaiPo-gebBL1odWYfq4-_Y04UTxF-zvQ
www.bg3.co/ Name: __AP_SESSION__
Value: a1bda29b-501d-4053-bc9d-5d12a08ac535
.bg3.co/ Name: __gpi
Value: UID=00000ba11f16a183:T=1673328074:RT=1673328074:S=ALNI_MYiZUDLftZ5mfkay6KWY2moTtnrww
.adpushup.com/ Name: ap_uid
Value: 9a4de340-90a6-11ed-82ef-6045bd227376
.adpushup.com/ Name: ap_usid
Value: 9a4de341-90a6-11ed-82ef-6045bd227376
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: e7ed7e99-98fa-4c00-9e23-e90ea839e56f
.openx.net/ Name: i
Value: e7ed7e99-98fa-4c00-9e23-e90ea839e56f|1673328076
.omnitagjs.com/ Name: ayl_visitor
Value: 1ea81b5d31549dbde8ccb6bd206ebe14
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwzOvznQY4AUABSAEQzOvznQYYAA..
.adnxs.com/ Name: uuid2
Value: 754610246291418313
.rubiconproject.com/ Name: khaos
Value: LCPSBZFV-1X-9I5B
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIzRz4821C6w3Xrd8oPN4aCyDbpmsgErD7ufcx08R6N3i5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.teads.tv/ Name: tt_viewer
Value: 88dac173-91e2-49cf-abfd-2a9f23708a0e
.bg3.co/ Name: __gads
Value: ID=225f015628a9c403-2251ffb53ad900b1:T=1673328074:S=ALNI_MboInCw5vK3ykQLvQTUnmC1_AOGYQ
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1673328079.1.0.1673328079.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.413814887.1673328072
.quantserve.com/ Name: mc
Value: 63bcf5cf-a8968-92c2d-6b27e
.bg3.co/ Name: __qca
Value: P0-1509787654-1673328078794
.blismedia.com/ Name: b
Value: 63BCF5D0596F6ABC1D579441BLIS
.ctnsnet.com/ Name: gid_CAESECME8n6qbbX47c-jqbz8Cs0
Value: 1
.ctnsnet.com/ Name: cid_830990b0bb0d496fb91a3cea77b03fe2
Value: 1
.ctnsnet.com/ Name: cid_f37429489874444b9574bcc75ae605db
Value: 1
.adsrvr.org/ Name: TDID
Value: b13179aa-bda5-4174-993b-e35908e44d7d
.tribalfusion.com/ Name: ANON_ID
Value: acnseFr2PKcFuYnRYa7VyEia6mSZdqrlWKJtVZbZc5HBY9x7UwyOcxH1ibdduppQsTZcJmUZb6Zc3mwKPp3yaCHZbO9
.yahoo.com/ Name: A3
Value: d=AQABBNH1vGMCEFSqKQEeKH_oBR5rZIKgI_IFEgEBAQFHvmPGYwAAAAAA_eMAAA&S=AQAAAjpeB0h_6z1x4WtVXj8NHh0
.simpli.fi/ Name: suid
Value: 50FCB8F1664C408CB1D2D56BADC2C391
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22b13179aa-bda5-4174-993b-e35908e44d7d%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-10T05%3A21%3A21%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVOv]eR-!]tbPl1M>e)ZlrFUfJ+tGXxomSiHa4a:eL[>iu::CzkuvC>D2JYZSp$XFIPS3If)y3KL9D3I?+`o?5K2
.openx.net/ Name: pd
Value: v2|1673328081|jElYiuvOiahI
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a9900775-d885-4280-7ce5-221f1d6e12ca.RUsNnG7ydtJ%2B%2FXQ0usSKGnEQoJ2JQWB3fh%2FXi3nZjtY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AqZAHddiFQoB85SIfHW4SynRaStY.q2xj7HN%2BqFBc9eAl%2Ftyt3k7sr%2F0MvWsMBpGsT7CYtCE
.3lift.com/ Name: tluid
Value: 4384555893926296192169
.openx.net/ Name: univ_id
Value: 537072971|b13179aa-bda5-4174-993b-e35908e44d7d|1673328081777285
.zemanta.com/ Name: zuid
Value: lXhSoj9FHRh6YHSBYpR7
.turn.com/ Name: uid
Value: 4262286037248703328
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjczMzI4MDgyfQ
.casalemedia.com/ Name: CMPS
Value: 4988
.adkernel.com/ Name: ADKUID
Value: A7895670797110204250
.ladsp.com/ Name: smn_uid
Value: 6aBQi9Cj1rAsKSdp5BPd0w8x6LtYfyQ
.ladsp.com/ Name: lum
Value: CLL8gNHZMBIFCAMQ0AU
.bg3.co/ Name: cto_bundle
Value: ezZoDl9UUVFMJTJGNzQ4YzFRc0xWV1lEY1BIRHZvQ0dST05ZaXloYVpBcWZHaFphcmR4TTNtd3dSYThPN3ZUa2F2cE1CMmdZaXh6ZTJoUkw5JTJCSmlRUHJrSlJNZjNqc1JRYjFHWk9DcnNGM1lHZGdoaGslM0Q
.bg3.co/ Name: cto_bidid
Value: kos7bl95ZDY1T2NSdDNPMXZxR0lGcUZmUGcydEtUS3RiaTZGaTlGUGFvNXowdUt5Yjdqdm96bjBncWNieUx5RFFyT2JGMlJrUExKbkI3d2JoN0l2dGowWUJDdyUzRCUzRA
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.a-mo.net/ Name: amuid2
Value: 23bbb514-9d25-44f8-84aa-c65402d361cc
.prebid.a-mo.net/ Name: sd_amuid2
Value: 23bbb514-9d25-44f8-84aa-c65402d361cc
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&548bb8c8-94b1-4718-83de-c28539efb588"
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3034:u=1:x=1:i=1673328082:t=1673414482:v=2:sig=AQHGLoFCfH49T342m70CAGPtPtmErrEh"
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A7895670797110204250
.quantserve.com/ Name: d
Value: EDcBEAGCKIEK_fsQ
.socdm.com/ Name: SOC
Value: Y7z10sCo5s0AAM2zJpQAAAAA
.bing.com/ Name: MUID
Value: 2BEBE2FFB13C645303EEF06AB00E65F0
.c.bing.com/ Name: MR
Value: 0
.bidswitch.net/ Name: tuuid
Value: 705ac2ed-5e5a-46e0-9b8e-590b7622ccc4
.bidswitch.net/ Name: c
Value: 1673328082
.servenobid.com/ Name: pid_312
Value: 754610246291418313
.analytics.yahoo.com/ Name: IDSYNC
Value: 196n~29c5
.brand-display.com/ Name: _knxq_
Value: b41a4b44-2769-166a-67fb1403.1673328083.0.1673328083.1673328083
.bidswitch.net/ Name: tuuid_lu
Value: 1673328083
.gumgum.com/ Name: vst
Value: a_8be1e3c9-2b4b-4274-aa17-a53034e79bb5
.minutemedia-prebid.com/ Name: wrvUserID
Value: S-J9_OFaC_mm
.ads.pubmatic.com/ Name: KCCH
Value: YES
.amazon-adsystem.com/ Name: ad-id
Value: A_3aTx59j0YFkgQvJe-R37E|t
.servenobid.com/ Name: pid_333
Value: Y7z10Xh6O-mGW7FA0zMwEwAAE30AAAIB
.casalemedia.com/ Name: CMID
Value: Y7z10vBu9BZ6gdpfiiVpkwAA
.casalemedia.com/ Name: CMPRO
Value: 4697
.go.sonobi.com/ Name: __uis
Value: 2825e28a-0c5f-4ecb-a68a-7f115f85bfdc
.casalemedia.com/ Name: CMTS
Value: 4989
.servenobid.com/ Name: pid_337
Value: y-6hQ6v79E2uG1PjSbZBXao3jjAr9JwZc54h763ZM-~A
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI_K2LqpG1uTsQBRIWCgdzdng5dDUwEgsIoueEtZG1uTsQBRIWCgdydWJpY29uEgsIiKDsuZG1uTsQBRIVCgZjYXNhbGUSCwjskfe7kbW5OxAFGAEgASgCMgsI7JbQ7qe1uTsQBTgBWgZndW1ndW1gAg..
.dyntrk.com/ Name: dyn_u
Value: 07030002_63bcf5d3741c1

29 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/c8c82b199518a8088ee53f9ad1e87b37.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/03977bccd57186dd5b7f0bd552623d97.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/6b7c13f5bd5f9edfdb67483f3daac686.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/49b8e44ed6a38430e18a7916d1253fab.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/af6238ba6a7e90fd011c8be291b616d1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/511a77d46f403ae77dc2ea4c13a6aad4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a3f4ca5974e492c5a804c5a59fa40968.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e2c1d8e3abadb11a065958f58e576912.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/59c8ff4df3f00954d57d220a8acbd0b8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/7c78239dbd972fef1b03efa730a4c0fa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/bab833d2015538e51fd698d52089210c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202011/cb6294b8cad90142733fdfe408964c40.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202110/7d2810aefe047a6baeba57bd4b446738.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202301/133a301826b0df7e02672dfed396c674.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/691a2013fbfa8c312a4654d2115c41d7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/eb4e8a4eadf23153513f29d30d30c67e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/df03fd1c2ab1eb75557afbc48ec3d3fb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/37ee0dfae4412f851102bed4defa795a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/c0a6282bfd7d8ef416d26b12f2feed2a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/af9b8afa1e56252d04aac3c7b2b66859.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328076752&bpp=1&bdt=601&idt=412&shv=r20230105&mjsv=m202212050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7271324632331&frm=8&ife=1&pv=1&ga_vid=1665242101.1673328077&ga_sid=1673328077&ga_hid=201472305&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773810%2C31071366%2C31071399%2C44773747&oid=2&pvsid=108627130740098&tmod=1501451890&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.bfx55ty7vm83&fsb=1&dtd=416
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328076748&bpp=4&bdt=596&idt=403&shv=r20230105&mjsv=m202212050101&ptt=9&saldr=aa&nras=1&correlator=7271324632331&frm=8&ife=1&pv=2&ga_vid=1665242101.1673328077&ga_sid=1673328077&ga_hid=201472305&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773810%2C31071366%2C31071399%2C44773747&oid=2&pvsid=108627130740098&tmod=1501451890&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.51isdm9nkg8r&fsb=1&dtd=411
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.adpushup.com/42753/L2EvZmVpLXFpLTMwZHVvLW5pYW4teGktYmFuLXlhLXpoZW5nLXp1by1jdW4tbHVvLXNob3UtY2h1LXpoaS1tYWktOTgwbW8tdGFpLWJpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520751&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328077016&bpp=3&bdt=810&idt=404&shv=r20230105&mjsv=m202212050104&ptt=9&saldr=aa&nras=1&correlator=292469716514&frm=8&ife=1&pv=2&ga_vid=2016053148.1673328077&ga_sid=1673328077&ga_hid=1279318029&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071387&oid=2&pvsid=2728621662198204&tmod=313398691&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.3u0y03z5l6a3&fsb=1&dtd=420
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093739&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673328077019&bpp=1&bdt=813&idt=423&shv=r20230105&mjsv=m202212050104&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=292469716514&frm=8&ife=1&pv=1&ga_vid=2016053148.1673328077&ga_sid=1673328077&ga_hid=1279318029&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071387&oid=2&pvsid=2728621662198204&tmod=313398691&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9t0jamhxhsq4&fsb=1&dtd=427
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32f949fa58c37c183fdbd257f87c8b99.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
ap.lijit.com
b1sync.zemanta.com
b7a584a546293368b63b65de32bc0d75.safeframe.googlesyndication.com
bd482e59e60f82a4bb7d0d68a90a60f3.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.minutemedia-prebid.com
csm.as.criteo.net
d-23567834523559408810.ampproject.net
delivery.adrecover.com
demand.trafficroots.com
dmp.brand-display.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.betweendigital.com
ads.servenobid.com
ap.lijit.com
bh.contextweb.com
c1.adform.net
cm.ambientdsp.com
cm.g.doubleclick.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.minutemedia-prebid.com
demand.trafficroots.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
ib.adnxs.com
idsync.rlcdn.com
image8.pubmatic.com
match.adsrvr.org
match.deepintent.com
p.rfihub.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure.adnxs.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.technoratimedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usersync.gumgum.com
x.bidswitch.net
103.229.10.192
103.231.98.196
104.16.85.20
104.18.24.173
104.18.33.19
104.18.36.94
104.254.151.120
104.26.4.103
13.107.21.200
13.107.42.14
13.33.33.118
13.33.33.91
13.33.88.118
13.33.88.71
13.76.45.37
139.5.84.243
139.99.49.250
142.250.4.154
142.250.4.155
142.251.12.94
145.40.89.200
151.101.193.108
151.101.66.49
152.199.39.108
172.217.194.147
172.217.194.156
172.217.194.97
172.253.118.132
172.253.118.156
172.67.72.16
174.137.133.49
18.136.31.174
18.178.247.29
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.148
182.161.74.19
184.51.137.72
184.51.240.213
202.241.208.57
209.191.163.209
209.54.182.161
216.239.32.178
23.106.127.164
23.106.69.72
23.108.102.145
23.23.131.203
23.41.65.80
23.75.85.227
3.233.146.17
3.33.220.150
34.107.148.139
34.111.151.213
34.83.125.63
34.96.105.8
34.96.71.22
34.98.64.218
35.186.193.173
35.213.117.18
35.244.159.8
35.71.178.8
42.99.140.144
42.99.140.161
50.116.239.135
52.16.124.13
52.193.158.132
52.197.233.239
52.74.162.2
52.76.48.74
52.84.45.26
54.69.44.22
64.120.88.131
64.74.236.191
69.16.175.42
69.173.158.64
69.173.158.65
72.34.250.75
74.125.200.155
74.125.24.132
74.125.24.149
74.125.24.157
74.125.68.154
74.125.68.155
84.17.37.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
016ba1c3bbbc25db9be88ab9366cca139018081e82b880bc0c81babffe5dbfb0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0a2df3baddb4df463786aa3ba32796cfa0d268ff419d25f5324d3da8857770
0ab2aa62f861a9352a46154b60552333409c7ead1c305c35c009417950f350ce
0aca2603667c882dc28b75ddd4d9d2c38670dc1a4c7f0df4052412ef4e5bd2b7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb4c8810c0d04b3d1d1e0995c02f11339d8083a65ffb19208574888ccdaba27
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49
0fddacb1b4b94539fcb975e43c63d6b8fb2257f1c6cdefa318d156d4e5a57374
1029b050487059828b253f9da4693cbf8a28067c5f9bf0bbef108b3ff1b0ed7d
117d5c1b24de6d970924e9cb574d963612127e9cc502c6f0ba97eca6ed9a22a7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12cff58f0b543145aa62b2a1f5ebc05db6bc99dcafb2a76bcc48deda859ce887
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1ad285613aa1a67772ec481eeace5881f2fa839ccacf71655c7eb3fbf6b14524
1b415b03535ebe46491f5d605d18752af8a7eebb2551c68db0f76170de2da702
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1ff56242d20225348e6e8a4fc705f18ea64f6f585b87ede4876f14a0a649e9e7
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56
265be2ecc4ec1791abd894e64598c9a369ed8eab91f1e4f780f9011db863b3eb
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320e149bdbdf0339d9b41b1e6095b6dba5ea37829166d92dadb273f45c02e098
352006807666deea7726b8c08b8b44488937ac2a6ea3c8c8ce17a33f6fbef0a9
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37114603e314b43008c3dbe162e09b40cf2cb2a59a20742eca949a04bca77f3a
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38ac30cfb2837ee59dee06f8ea552deb004edce6e9fea5a05f71d0dea6dfb540
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f6bd0c36a51c72ee289c76955304428488b40576019c7996c1c02f045fefeda
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4398e2ae44d67d9b686804de952de2090998f3d78d05429937bda47a685eb2ef
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4583b79ec94fdbbf33399ccebf9756b081d529ee51b9910d00e973c26f090574
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a33af8aef09f18689e1c73ff8bdb3fb73c2eb70de0e046b1fd6e3317a40954
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d47f0a226df2f27fee630656f5c4f3ac2e6ea6f721cee319f953c6f253c1c1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7d4adec5b04fefffd60cbb624bed909385fb1f606ab0e86916168ad27091c3
502d8226205ff7c90825d5ac4f9139551c149abb6b6c89315de9fb3f3ada3554
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
559f0cc9f561de44bd5ca1ad9e785337e39da6802dc6797a9783e857f0c2319c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1cb867ee7ef9bede0243b7b020a3d9e4d28add39dda05762f79e1669450058
5b49111156985107f74c1b64f7c9a67ba5d11adacb896cbc87ae0d8afce78ae5
5c6663abf6cda2f47eefc1b625835dd008024bd2d89f625618f1cecf0c705d96
5f3d992a8f5c1c422eaa51d219c1459bac9dad5cba9ecb372082de08e47b3944
5fdfa675e706c6b0fa53e8e435c63e392d53f3f1bf929f2da8c7fa483a5bcca0
60648cb246ce4141867e508bce0a2c82feae1415a695e7cb96acfc6acc7705bd
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f3c0c3d05801adbcc0101b51101d92e9c4307db73909974b1dd0e0d0427a55
65009a56b9e619dfe3d842084fd93cd1b2fd2d45ec3c12964be2db5866052327
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a
6865fe4a5f3af2b883265c65455aa18d37dd897a265e87cec086a7b87d821906
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6bba87644aeb0710b10ef28a67ec39cb837f8c0e13a3b0785f61c8bd64d552de
6bf50be3fc61730ad8c07c9cbef19aedc3ac16a37dfc02f3bc2a10fb0568f3d6
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
70ba18c84e9500ed61e0efee2f7ce91f412b1de08876b1089f15a14ce6de0a9c
711e54109acf1b8c97d4a5466d72a326e0714e60e7fae02a4d8539624c55a0e7
716f1711544128b1eb374f62b2ce9d2635443e1f42a02c538f3b1d882c46896f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72d2e364115958b2c520bfe3396eea9a49f9918499f44adfc40f83ffadaa618f
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74492d6993a5e776dcd59cf63d65533ea6ea1397a97fb1c227a543a2f64f829c
75412b71cd61566fbeb2ed5a246ea5974018ba898a5e92d8b3d00ca14a8762de
75e2d9f35784c51f26e71f6eea3c77c659ce1ff3727be67950864462813a682c
76a862dba57901fcc377abc56285bfd9eda47c05a5cb86b80da26cc404d5d50f
7e10a541410033a6369957b21ae7bbb0ed82ade7a45ea97432ba15bc8f8054c4
7f8d63a9dd5487f69d950c0c2ce5ce11fe2f06d619cc87c6fdedff1fd8d31af6
82aab6a9e4643d19aa6a8bed850bd8c349bff79975ba20df691335d9adaf2ca5
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835af589ef43184d6e6ce1d6cdc4e5d48d93ada3bffe9858ff94c939bbe0be74
83b5c380b2e7d30e8942597cbfb273886d9fe8807055e97fc0b8656ed17cf9ba
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
86c0c06ce362d81cd759060e50dd209b03cd34bd708302af0a7a45e7e7c419c8
86d85c2fb6c3aef61be2e092f1a809839065e73f948db805ad92eb5eaea8fac8
87e14f7f88e7c4cc385aa2a8d350afa057cbeac74ea3cba4d2df129dc24a5065
899ed594842c7f0bdc354bd1a9f6fd90daa0738b309370a6e9bfb91bdb735b0c
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473
8e3aae55ced5b89a57776af4feb514df8e5e41121d3619607d990effc97e45b0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91d5e7bbab815f660291f1b61c978c270f288cf5e199aacb3ae5e2c6636fe2be
93a8a44cca820f9a7aa320974a3b8026218839c9829e86d4cff4eaa3b645a45c
93d1ea460ee12ab1fdba72f94cd9c5f319324615ade5d58159043b25aadf877d
9697747e20cb0eb6000cec026d3ec5439e0e5fb2ea8ef5d94d08482bc5211e5e
987cf494483d44d5e01fe5928229625d7536ed129be62d788091bf001443f9ea
98fb9f77fc0aee18e050d7e800044a17a6e788f5a345f84d1ac65da178142d7a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9caf40ce37162d6fef424641c662dad6db99cec79a8641e3a7ef5f849dab37ec
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e2db11dbbb7dc2aa395fbbadb92da7e4142f428b97bbab4ba9d0b1620eafce5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2d714c4977f10509b8d369363b61b7f7053ee3c4057c1291abe418f9a04c508
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a32511878b2514c01a5f2d703fdfadef5791699ec540914c2b4e467cb891bd1e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
ab523d8c673b76a1d12c1eaf5031ff7da032d2244bc3586ea688c1dcabac8df0
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aff96f1b56b04d0010d875affd6e269c3d55984a54ce4544037dbb6c89854b86
b0447f99586ad7bcddc943fd1a63af9d89f73f50e70657d0a2ed76ff7c2d6c4c
b096792c77646b1a6bc6d5f11eae35a00f4ea0f1d9dd6f9cd4db24079ebe1f9f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
b50ba243cc1e448968d4401a4e7bdba22913e7e04e3323526a5af490c040d130
b7c80316a514c0892bcf6f6c1966a463dfbb379d97c0fdcefb666408f17ed0dc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc2641f77863669945442b1e5298838ff101a637eca6488d4b7105248f2dc965
bd0a7b3d029bf4546ccd7a859eceb0158a3640e75051a33a31bbc2964c30db79
bf310ffed11a0122e559b5d9cb414fd53ccdb6549430e352e8f6a497fff1352d
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c1cb3e8fe8812390284c5c27b79c587e5cb5f549db82a07265e0d82425e12c19
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4d3edd5b9ea4d0147ee80cfadccc567bae177fd3278b1b3c36f3fe0f57cca04
c854904ff9b174279124c373152be17b526b1f829856f24d6de4b89c7446c413
c98846a3eb6200c0618de22dcf90e4d0c0da33ea7bc5a993d1eb58cd3cf77d44
d383753b69e3d73a473522231ba77da35413c79389c6164468bfba7244142494
d593255966e8e7f3c9cc4404f77cb1de8ad60d42e4c9503d2aa61cc110f77cab
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
db49cd0a9525be37293bbec39406b757d336b4c995b121ab09494a39407721aa
dca1557fd3dfb501a424284bb116ff38ba1ad5ef89f386da52e0ad334c8d5ecb
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfdfea69022194841bb0782b2a924a1d5e002d08838c2ea725071989da789b15
e187350764f572e3fa3e66cba6dd7c6d932d28cc9350217937e6c2c146eccc62
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8e3ef7392a35c2b23be083f7438bb25012d120d1acf31c0c830ce8d0768f77f
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eef6e50516dd1bc5e94db6685463176f5c05db0d2a21fe90aa3d3a3871a5b8ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5de37110c316dd3b5898a81b5865b9fcbaab4cd21880b84f407ef9d0106f6
f0bfc7f565ffe2912dd3353025a1a0eb8cce7ed98dc03326b91ebb1f50b79beb
f31ef1a393c40b11520c985e323ea3d5385e1193cb97edc86b5b76643df641e5
f5fdb8be98665e4e56b4125b819ebd823434114ad1262ea85e4def6c6427c82e
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fbd1e8b96c46848db89a70d3e4612e5ac22b113200bc3b376094eeed4cd0e3fb
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e