www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Submission: On July 22 via manual (July 22nd 2023, 5:12:24 am UTC) from US — Scanned from PT

Summary HTTP 296 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 56 IPs in 9 countries across 40 domains to perform 296 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	172.217.23.97 172.217.23.97	15169 (GOOGLE) (GOOGLE)
1 9	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
10	172.67.71.254 172.67.71.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	193.108.153.15 193.108.153.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	193.108.153.12 193.108.153.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
49	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	13.114.150.222 13.114.150.222	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
36	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
19	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
2	23.36.163.114 23.36.163.114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.173.187.9 18.173.187.9	16509 (AMAZON-02) (AMAZON-02)
1	172.64.202.13 172.64.202.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	91.228.74.251 91.228.74.251	16509 (AMAZON-02) (AMAZON-02)
18	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
3 3	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
8	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
2	54.249.104.171 54.249.104.171	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.35 99.84.88.35	16509 (AMAZON-02) (AMAZON-02)
4	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1	108.177.15.156 108.177.15.156	15169 (GOOGLE) (GOOGLE)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	54.217.214.211 54.217.214.211	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	3.233.155.176 3.233.155.176	14618 (AMAZON-AES) (AMAZON-AES)
6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	18.66.192.85 18.66.192.85	16509 (AMAZON-02) (AMAZON-02)
5	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
24	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
1 6	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
2 3	52.95.126.138 52.95.126.138	16509 (AMAZON-02) (AMAZON-02)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
3 3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	18.173.187.51 18.173.187.51	16509 (AMAZON-02) (AMAZON-02)
2 2	3.75.10.195 3.75.10.195	16509 (AMAZON-02) (AMAZON-02)
1	87.248.119.251 87.248.119.251	34010 (YAHOO-IRD) (YAHOO-IRD)
1	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
1	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
296	56

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f97.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-15.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.108.153.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-12.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.114.150.222 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-150-222.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net

d-27996936491020871064.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.163.114 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-114.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-9.muc50.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.202.13 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.251 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.56.202.187 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.249.104.171 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-104-171.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-35.muc50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.217.214.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-214-211.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.155.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-155-176.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.192.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-85.muc50.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

0e0640087ed608f1fbeaf89920ca7455.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
97c8ae54f9c6f09a7b6fe57c6caee352.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b20a9813e2005a0968b4d2b7431dd96e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.126.138 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (New York, United States) 1 redirects

ASN174 (COGENT-174, US)

rbp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Ashburn, United States) 3 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.51 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-51.muc50.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.10.195 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-10-195.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.119.251 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 848 trc.taboola.com — Cisco Umbrella Rank: 608 vidstat.taboola.com — Cisco Umbrella Rank: 2612 il-trc-events.taboola.com — Cisco Umbrella Rank: 19408 images.taboola.com — Cisco Umbrella Rank: 1818 imprammp.taboola.com — Cisco Umbrella Rank: 12804 am-match.taboola.com — Cisco Umbrella Rank: 12807 wf.taboola.com — Cisco Umbrella Rank: 2751 am-vid-events.taboola.com — Cisco Umbrella Rank: 12146 vidstatb.taboola.com — Cisco Umbrella Rank: 4890 pips.taboola.com — Cisco Umbrella Rank: 1561 cds.taboola.com — Cisco Umbrella Rank: 1767 am-wf.taboola.com — Cisco Umbrella Rank: 14037	2 MB
65	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 0e0640087ed608f1fbeaf89920ca7455.safeframe.googlesyndication.com 97c8ae54f9c6f09a7b6fe57c6caee352.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153 b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com b20a9813e2005a0968b4d2b7431dd96e.safeframe.googlesyndication.com	671 KB
28	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 ad.doubleclick.net — Cisco Umbrella Rank: 186 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 355 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	812 KB
24	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1142 eus.rubiconproject.com — Cisco Umbrella Rank: 631 token.rubiconproject.com — Cisco Umbrella Rank: 626 pixel.rubiconproject.com — Cisco Umbrella Rank: 382 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 32175	48 KB
12	aralego.com 4 redirects ads.aralego.com — Cisco Umbrella Rank: 37209 sync.aralego.com — Cisco Umbrella Rank: 3052 agent.aralego.com — Cisco Umbrella Rank: 288707	8 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1723 adservice.google.com — Cisco Umbrella Rank: 117 www.google.com — Cisco Umbrella Rank: 3	14 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 395	219 KB
10	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13341	163 KB
7	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461 ups.analytics.yahoo.com — Cisco Umbrella Rank: 321 ads.yap.yahoo.com — Cisco Umbrella Rank: 13646 geo.yahoo.com — Cisco Umbrella Rank: 1379	2 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 16991 e3.adpushup.com — Cisco Umbrella Rank: 18137	275 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56 region1.google-analytics.com — Cisco Umbrella Rank: 1771	878 B
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	139 KB
3	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 103260	30 KB
3	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1078	2 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1226 pixel.quantserve.com — Cisco Umbrella Rank: 919 cms.quantserve.com — Cisco Umbrella Rank: 818	10 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 69708 sync.logly.co.jp — Cisco Umbrella Rank: 74897	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26526 audiencedata.im-apps.net — Cisco Umbrella Rank: 28958	3 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 346	1 KB
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 555486	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1150	685 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	83 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 425 dis.criteo.com — Cisco Umbrella Rank: 588	651 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 710	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 27494	12 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 572	30 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 789	446 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 41294	610 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 865	714 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 322	76 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2859	515 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1589	471 B
1	mxptint.net 1 redirects rbp.mxptint.net — Cisco Umbrella Rank: 5040	696 B
1	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10921	253 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1160	635 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 19539	3 KB
1	ampproject.net d-27996936491020871064.ampproject.net
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 107113	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	11 KB
296	40

	Domain	Requested by
36	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co ad.doubleclick.net b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com www.googletagservices.com agent.aralego.com
24	tpc.googlesyndication.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com ad.doubleclick.net
23	images.taboola.com	www.bg3.co
18	il-trc-events.taboola.com	www.bg3.co
17	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net agent.aralego.com www.bg3.co b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com www.googletagservices.com
14	cdn.taboola.com	www.bg3.co cdn.taboola.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
8	eus.rubiconproject.com	ads.aralego.com nt.compass-fit.jp eus.rubiconproject.com am-match.taboola.com
7	www.google.com	tpc.googlesyndication.com b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
6	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
6	token.rubiconproject.com	eus.rubiconproject.com
6	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
5	cm.g.doubleclick.net	b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
5	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	www.googletagservices.com	b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
4	www.google-analytics.com	cdn.ampproject.org www.bg3.co
4	trc.taboola.com	cdn.taboola.com
3	agent.aralego.com	3 redirects
3	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	adservice.google.com	cdn.ampproject.org pagead2.googlesyndication.com
3	sync.aralego.com	ads.aralego.com www.bg3.co
2	x.bidswitch.net	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	2 redirects
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	ups.analytics.yahoo.com	imprammp.taboola.com am-match.taboola.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	am-wf.taboola.com	vidstat.taboola.com
1	geo.yahoo.com	adx.holmesmind.com
1	ads.yap.yahoo.com	s.yimg.com
1	s.yimg.com	ad.sitemaji.com
1	s.ad.smaato.net	1 redirects
1	dis.criteo.com	b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
1	s0.2mdn.net	b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
1	b20a9813e2005a0968b4d2b7431dd96e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ad.doubleclick.net	www.googletagservices.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	match.adsby.bidtheatre.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	rbp.mxptint.net	1 redirects
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	vidstatb.taboola.com	www.bg3.co
1	97c8ae54f9c6f09a7b6fe57c6caee352.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	0e0640087ed608f1fbeaf89920ca7455.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	http-intake.logs.datadoghq.com	cdn.adpushup.com
1	pixel.quantserve.com	www.bg3.co
1	imprammp.taboola.com	vidstat.taboola.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	stats.g.doubleclick.net	cdn.ampproject.org
1	rules.quantcount.com	secure.quantserve.com
1	fonts.googleapis.com	cdn.taboola.com
1	secure.quantserve.com	cdn.adpushup.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	l.logly.co.jp	nt.compass-fit.jp
1	d-27996936491020871064.ampproject.net	cdn.ampproject.org
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	gum.criteo.com	cdn.taboola.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
296	81

This site contains links to these domains. Also see Links.

Domain
1t5cbr.llsdzktnxwnnr.com
popup.taboola.com
track.infinite-track.com
2ab710.zbrjtstrclnm.com
mrwvhw.dmtrlsng.com
www.manukafeed.com
storytohear.com
www.idealista.pt
www.conselhosetruques.com
www.sofiagodinho.com
trc.taboola.com
www.conforama.pt
www.bigglobaltravel.com
trck.tracking505.com
5minstory.com
5e3994.llsdzktnxwnnr.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 38 frames:

Primary Page: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Frame ID: 40AB135E338C4C41E9B8DBAFB1B1F5AF
Requests: 137 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 9FC2B6115E35A86E3623A1E5FD9C6CCF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2C5B272539A4EF2D40651DC7ED097D04
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 21FDB4210BC843DF728AF32E246BD07C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 04AD062FB352D53AE4C8C93FFDEA23A6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 145908E57A5FC0B5A2A3CB3908B6049A
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: EFF20982F6242D8C7E115071503983EF
Requests: 12 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: E199D249344F5A925C3407EFE5650D92
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 387EEC200CD7563ED1934A997DF8BB17
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1690002736793&uv=3305&tms=1690002736793&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ee865fb4-8519-47e8-951e-9ddfe6fb8d25&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C11BA86B72C17CF21895A25613AD9596
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D926FF6801FDC63D2B896B7BA125E6F7
Requests: 4 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 98DEDB7DF4D4C8BA6E5B1ABD9E19296A
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 61B1E8DD7A0540C8894A0B8D9C90F572
Requests: 3 HTTP requests in this frame

Frame: https://0e0640087ed608f1fbeaf89920ca7455.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 04B0259E90455067999F4FA8475EF085
Requests: 1 HTTP requests in this frame

Frame: https://97c8ae54f9c6f09a7b6fe57c6caee352.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4AF4C71610D4A0D97214F44CD8764F6D
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 4728851A5D4C7B05F48E6777F8680360
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 2932F239DD486B85D357390E9B7F4054
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 42933F0661A3799656812EBAA5B5B60C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CA852D4B3D9BF7EB5F1B02529002534
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C14AB368808422484D13942E87BDCA56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C5213D06594AFB75C8E7DD448D07F8A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45B3A67BC557402C56AEF6C58651D9E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2F97162DDF65D6D705C329CA57665140
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 19D8BAE2EB497F16EA0ADD425F28BA6E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0156AC4B0E2F9545B2DFE1FF62C61BEA
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DF2D76D6D06FF6D377E3DED43D788CE5
Requests: 6 HTTP requests in this frame

Frame: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 214F4973C7AF8163CCDF90E150214B86
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D188E0C01460E5F325B042FDCE05F168
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68461F2B341E30D651DD4DB29944DE6B
Requests: 2 HTTP requests in this frame

Frame: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 76E9B1F27FB8E03B8D3488FE726BB8FF
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 9FE0A1A6D13158D665015347D4B70E67
Requests: 6 HTTP requests in this frame

Frame: https://b20a9813e2005a0968b4d2b7431dd96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 0A77BB1D1AF6DF1CD1AB120EFE4F1995
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ED4D39F5383B52909F71F31DB66A5BB0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B93B6464856EF28AFA5C4D6C69240F1F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B96AFED752B3E995493523C1B52D3015
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EBAA1D3B5950ECA2168BBE6CC7E2985B
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwXwIZOMD4batFpj79-GPyHcZaTRX4gwguHIC-5XlMcf06jHUm3OynY-7DBElYs7URlJwY_rqr7lK1UkaO1oe5WH1kSUyHfNPzKzy8QnJzEr0hapfK4_FZkSYyyLxomjiDVk6cotZvRDyhmCYiugd1WssxeUv7rSkw0YCCxu7OinukNC9V0IzhjvDtqP0mcApW8l2NSFlNqOBtLpOXyR8q2f5ksbMc5nd3-LNI1U-umjJR7iuk_5VIKQvFb_QGMmVQuTqXYIFKnoq9al3_V_bv60eIqUwWUWow6vxyCozGgv0t-RRYcOuBwWfLP-R1tF8PTY_vqGRUyuNqp2s&sai=AMfl-YSP0pCUXg4N4QJL-drdy_nPOU6kVRnxsX6hgJJViDEqS85GYPSFxUd-5g11mdkd1G8_xdFCWeWpROV21eZRXPbiAruL39EP30f6WA&sig=Cg0ArKJSzDe2dxREU4_ZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EED13197AD5F146A0AEAA7467E5A76AC
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 2458E355986485826BA76A3AE54B443F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

華南金控 2月稅後淨利10.29億元 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

296
Requests

94 %
HTTPS

0 %
IPv6

40
Domains

81
Subdomains

56
IPs

9
Countries

4822 kB
Transfer

12167 kB
Size

24
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://1t5cbr.llsdzktnxwnnr.com/
Title: Carros elétricos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://track.infinite-track.com/39365bf6-4359-4f5d-9eba-c4250ca6c1df
Title: Reparação de telhado | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://2ab710.zbrjtstrclnm.com/
Title: Liquidação de sofás | Links patrocinados

Search URL Search Domain Scan URL

URL: https://mrwvhw.dmtrlsng.com/
Title: Carros à Venda | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.manukafeed.com/bebida-a-eliminar-a-dor-nos-joelhos/
Title: Food Prevent

Search URL Search Domain Scan URL

URL: https://storytohear.com/pt/ho-to-clean-a-burner/
Title: Story To Hear

Search URL Search Domain Scan URL

URL: https://www.idealista.pt/news/imobiliario/habitacao/2023/07/11/58547-antiga-fabrica-convertida-na-casa-estudio-de-dois-arquitetos-em-milao
Title: Idealista

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/varios/senhora-cadeira-de-rodas-escadas-aperta-o-botao/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://www.sofiagodinho.com/pt/88-beachwear
Title: Sofia Godinho Fashion Lda

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&ri=874730512e27dd48614be6185bd85d58&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002736_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&it=text&ii=~~V1~~-1386892244675244432~~av8KxBdJI-KEHvRq5tXfGChR0Y_ku0F0olwaMfPTEsH6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFALu73ETmnfNFJzU3BmMA-FGrSKCvTMNihR0Kv3XR8PzKKvuvMET7zjtHu_AE_2i5FZBGS43MTwq4peCyxxt_ISD287MXzNJP9_7IhpvnN7mndSyJZ3JRLbYyMsYXJAi4sbkcKREGZu7Z0U_8-_xTMmi2LN18X2NIMDQf4MUIi4_zLG5-vezCPQVcblmqDlfvTwmPU0c4hQ-eua_oD4xt3BT__n9lMleerstoT6wM3EDqA1d0Zy71v-dpt0sorzTKp8w7tOzCPlYfhzKVSNAsUsd&pt=text&li=rbox-t2v&sig=9c7582b2c4a1338d1a4731530387a7fbac0ba903ece8&redir=https%3A%2F%2Fwww.sofiagodinho.com%2Fpt%2F88-beachwear%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiAAddncAhM6ddIqA7G1Im5uEkJ9_gLSsP3hkAljPCgx4CCRu1EoiM_298SSvdo7%23tblciGiAAddncAhM6ddIqA7G1Im5uEkJ9_gLSsP3hkAljPCgx4CCRu1EoiM_298SSvdo7&vi=1690002735570&p=taboolaaccount-ruioliveirasofiagodinhocom&r=72&lti=deflated&ppb=CKMH&cpb=EhMyMDIzMDcyMC0xMC1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNjM4gNzqLECE1AxI59YMUNLw2ANY____________AWMIsUQQyVoYMGRjCP5IELZgGAFkYwjXFhDVHxgjZGMI_hYQiiAYE2RjCNz__________wEQ3P__________ARgkZGMI-f__________ARD5__________8BGAdkYwiWFBCeHBgYZGMI0gMQ4AYYCGRjCOskEK0yGB1kYwikJxCKNRgvZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgB0YmN4Jcx&cta=true
Title: Compre já

Search URL Search Domain Scan URL

URL: https://www.idealista.pt/news/imobiliario/construcao/2023/07/07/58600-credores-aprovam-liquidacao-da-construtora-soares-da-costa
Title: Idealista

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.conforama.pt/
Title: Conforama

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&ri=cf8ada58a41ba178c126aaabcdcb9490&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002736_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&it=text&ii=~~V1~~-6948510486383455016~~SzH5QqzjguGORhaNqk8nziy9YsEgjk9ZTm3bnjnT9hb6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFALu73ETmnfNFJzU3BmMA-FGrSKCvTMNihR0Kv3XR8PzKKvuvMET7zjtHu_AE_2i5FZBGS43MTwq4peCyxxt_ISDS5k0m8EFipyXhgW83DourgLqRSbupmZ8hsPlqv_tXzH5tRcJaaY8rl47lXyW4yMCyg_3DmWDmDDbqicuf5gtAhOnuNw_DNGEUPnNH2CiJsURCbxhErWsJoBcmxmY6IVsDn1c_9a0Y-132FrkGnByH46zhr_uog6GC70OqLAd6RE&pt=text&li=rbox-t2v&sig=a75db6f148ad02c69fdb348bb2be91d0afe1657c8085&redir=https%3A%2F%2Fwww.conforama.pt%2F%3Ftblci%3DGiAAddncAhM6ddIqA7G1Im5uEkJ9_gLSsP3hkAljPCgx4CCLw10oioTahIv_2epb%23tblciGiAAddncAhM6ddIqA7G1Im5uEkJ9_gLSsP3hkAljPCgx4CCLw10oioTahIv_2epb&vi=1690002735570&p=skyrocketes-infinity-conforama-sc&r=85&lti=deflated&ppb=CLcC&cpb=EhMyMDIzMDcyMC0xMC1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNjM4gNzqLECE1AxI59YMUNLw2ANY____________AWMIsUQQyVoYMGRjCP5IELZgGAFkYwjXFhDVHxgjZGMI_hYQiiAYE2RjCNz__________wEQ3P__________ARgkZGMI-f__________ARD5__________8BGAdkYwiWFBCeHBgYZGMI0gMQ4AYYCGRjCOskEK0yGB1kYwikJxCKNRgvZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgB0YmN4Jcx&cta=true
Title: Compre agora

Search URL Search Domain Scan URL

URL: https://www.bigglobaltravel.com/cities/world-borders-pt-ai/
Title: BigGlobalTravel

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/48d250ec-68bc-41ff-9b5c-4a7c557de798
Title: Limpeza de esgotos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://5minstory.com/pt-watermelontricks/
Title: 5minstory.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://5e3994.llsdzktnxwnnr.com/
Title: Residência Sênior | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 85

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 98

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 101

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 152

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690002737&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690002736871&bpp=39&bdt=1113&idt=359&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=3014310769520&frm=23&ife=1&pv=2&ga_vid=1550263801.1690002738&ga_sid=1690002738&ga_hid=321875407&ga_fc=0&ga_cid=amp-0HNhKObNcLeKk6fSs-KeSg&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1619420072&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076298%2C44788441%2C31061690&oid=2&pvsid=2911737061562097&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.iizzfmvv7qfe&fsb=1&dtd=685 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 166

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690002737&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690002736954&bpp=16&bdt=1175&idt=571&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=3014310769520&frm=23&ife=1&pv=1&ga_vid=1105228068.1690002738&ga_sid=1690002738&ga_hid=1826567666&ga_fc=0&ga_cid=amp-0HNhKObNcLeKk6fSs-KeSg&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=704&biw=1600&bih=1200&isw=336&ish=280&ifk=4219564794&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076160%2C31076161%2C31076250%2C31076271%2C31076340%2C44788441&oid=2&pvsid=4365335851854759&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.yd8p82tk4cri&fsb=1&dtd=927 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 183

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0EaYyMnPR8evVMwGsKlSgQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0EaYyMnPR8evVMwGsKlSgQ

Request Chain 184

https://rbp.mxptint.net/sn.ashx HTTP 302
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33647_106323951_127BB86FB&expires=60

Request Chain 186

https://dsp.adfarm1.adition.com/cookie/?ssp=7 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7258506494163810449&expires=730

Request Chain 187

https://match.adsby.bidtheatre.com/rubiconmatch HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=1838356e-9895-4a89-9fd5-ddcd8b32449a

Request Chain 207

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 208

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 269

https://um.simpli.fi/gp_match?google_gid=CAESEOBV48GUbTF0VqiE2s6QBpM&google_cver=1&google_push=AaAOQGH8gc2Yv3nYe1sUNvfo4YLq3hQsTk6I-fb9LrH_Zl_GbNUtdi1EjcU2UE6tPp9GqQ7q2m_ng6g4srdlQ1mEGaPEEaGp1WGf_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA6886EA90E542D6ABDC9BF270D5FD46&google_push=AaAOQGH8gc2Yv3nYe1sUNvfo4YLq3hQsTk6I-fb9LrH_Zl_GbNUtdi1EjcU2UE6tPp9GqQ7q2m_ng6g4srdlQ1mEGaPEEaGp1WGf_Q

Request Chain 271

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGYjhUyB3VlV2OqAntmdJy8&google_cver=1&google_push=AaAOQGHUHtwxQ3r_aSJD5TCLQQIu69QtaMBUC6-VFoxtI9reRSrVbIWgDKfe7QjF-9qvuk8Alr8GzIB6s5o5aFxT9XtasOgevD4HEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGHUHtwxQ3r_aSJD5TCLQQIu69QtaMBUC6-VFoxtI9reRSrVbIWgDKfe7QjF-9qvuk8Alr8GzIB6s5o5aFxT9XtasOgevD4HEA&google_hm=HteGYvVTQgmRR05-MMZx-lI

Request Chain 273

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEHV944izhQ7TIXDUDapFZA&google_cver=1&google_push=AaAOQGGZAC3wCMjRmXMzyZaL8pu4pzdT-tTOiBZGWAknwk1HZUZLpNy14n67RkVrypfwDxtd3RLPCRSLWNs1Ozqz1-svgZcz-JgJWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGZAC3wCMjRmXMzyZaL8pu4pzdT-tTOiBZGWAknwk1HZUZLpNy14n67RkVrypfwDxtd3RLPCRSLWNs1Ozqz1-svgZcz-JgJWw

Request Chain 274

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELnx6jttZ4Y3QKRoVJosDBI&google_cver=1&google_push=AaAOQGFfKcF_Ij0TeIyZUdbcHI9iYdWpx9Igqla_0qOALn24oUCPzm473guhs7g8bV95H2vw6dm4PweabZ1kAOfGiZPhxXjkZuYCecQ HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELnx6jttZ4Y3QKRoVJosDBI&google_cver=1&google_push=AaAOQGFfKcF_Ij0TeIyZUdbcHI9iYdWpx9Igqla_0qOALn24oUCPzm473guhs7g8bV95H2vw6dm4PweabZ1kAOfGiZPhxXjkZuYCecQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=cd51038f-2944-49a9-a5e9-d689c33ad896&%%GOOGLE_PUSH_PAIR%%

Request Chain 288

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

296 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html Show response
www.bg3.co/a/ 44 KB
11 KB 1243ms
711ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7fff78c5d7e7b3e7cbd472dd007f835447363b8841c0e683c347c7488df16518

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 22 Jul 2023 05:12:14 GMT
etag: "b126-mJveC23N/wwK61cHM0ISPTEiB9Q"
expires: Sat, 22 Jul 2023 05:27:14 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 261ms
95ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 05:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72888
x-xss-protection: 0
server: sffe
etag: "03bc649404a9850f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Jul 2023 05:12:15 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 332ms
167ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

697a485d98d08e27bff197276460857929881b7ce97704e5ca58da9c244113b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 05:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9649
x-xss-protection: 0
server: sffe
etag: "23590aea1735b086"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Jul 2023 05:12:15 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 227ms
86ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

1b771e6b9392f5a4e0d3ec1f63f18c0d7d93e798db9e1b7772ae64d665deafe5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 05:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7554
x-xss-protection: 0
server: sffe
etag: "50eb993f3be7bbdc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Jul 2023 05:12:15 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

187ms
68ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3047
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPs6vUi6cMQetHnAgJsKRwcqGEQSGS8phj4Q2IgcvhBT7WOVFItIVSGQIBxsMqhRFHy4wgaTs3DfTY8wnPYaI9DHiiPrIDJDV4dnyCBRG0ZJ%2F9JGx15S2xkaV80%2BgRTjUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ea930096a8b950a-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 292ms
91ms Script
application/javascript 193.108.153.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-15.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: br
last-modified: Fri, 21 Jul 2023 07:00:38 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10988
expires: Sat, 22 Jul 2023 06:12:15 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 630 KB
135 KB 280ms
89ms Script
application/javascript 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: a61ef9e6f4a967672e4461a472ca4340cb336bea5c3085e1d4dfc3ab6704c61d

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: br
last-modified: Fri, 21 Jul 2023 21:18:29 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="469445_389467660_90184932_586_1109_37_0_146";dur=1
x-cf-geodata: PT
content-length: 137380
expires: Sat, 22 Jul 2023 06:12:15 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 276 KB
46 KB 363ms
264ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31a9b23d7c28a75109677875e40c9578a55301fec47cd4aa80b9879449d2bb98

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eRwq9mtM3kPhFKfkaVqn6KZ80RYQHDjq
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:15 GMT
x-amz-request-id: 6KW4939880NSHEPF
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 46322
x-amz-id-2: /ZhmYiwXQMiabMz2oYIv1kandmwKe7/KOn9jvkUm1X3Y4RmkjI9EQ7A2RNRKGSv5I9UD1Zk+SMo=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:49:50 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002735.963195,VS0,VE217
etag: "a07451a1049b9eb8d3be92c43542ed3a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1112ms
518ms Script
text/javascript 13.114.150.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.150.222 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-150-222.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e4809703efa16fbfc2b47af8a956f881ac3acbe51285d2aa3b48cbad2ae80b8d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 366ms
80ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690002735.cdn4-pxy210-mad02.ma1.evs,1690002735.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET c03399bbfecf17d7a847e521591ed65a.jpg
static.bg3.co/imgs/202106/ 0
0

GET 99d740ca6e44aec49ad044f648f70962.jpg
static.bg3.co/imgs/202106/ 0
0

GET 4f9eae13ac0384f284ab75c980b15d50.jpg
static.bg3.co/imgs/202105/ 0
0

GET 1009b022bc0c8726ec5251eb92019ae2.jpg
static.bg3.co/imgs/202106/ 0
0

GET df21e45190f32118d0d1c295084961dd.jpg
static.bg3.co/imgs/202105/ 0
0

GET ac2807dd3c6aef9609dd375ab6ffb1ce.jpg
static.bg3.co/imgs/202105/ 0
0

GET 039e30df3e0163c07264fcb620e00463.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 8 KB
3 KB 246ms
82ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 11:27:48 GMT
age: 150267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2966
x-xss-protection: 0
server: sffe
etag: "4e4cebbab06b5f09"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Jul 2024 11:27:48 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 82 KB
23 KB 263ms
104ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:27 GMT
age: 302148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23120
x-xss-protection: 0
server: sffe
etag: "97458ea624168dde"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:27 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
845 B 286ms
115ms Fetch
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b6254a4a16a3e6d4818042ae58d978e69b6bd8cd6a856b028c0eaec63a83b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 497
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 12 KB
4 KB 239ms
90ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 14:55:17 GMT
age: 137818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3939
x-xss-protection: 0
server: sffe
etag: "21ee47434b69c418"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Jul 2024 14:55:17 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 218ms
125ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690002735.cdn4-pxy210-mad02.ma1.evs,1690002735.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 impl.20230720-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ 789 KB
164 KB 45ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e8e7f25e76923cdf5e3b0bbc96fab3e8d08575d2f87c478e23fb8e98530a9d90

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EwOyzWNx72EC4grzk0zM6vwTLi2LY.Xx
content-encoding: br
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:15 GMT
x-amz-request-id: 3K11HK50T5M55VRQ
age: 5307
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167105
x-amz-id-2: EyKV2Q40ksJig47fJioCoeUmdLm27t32pgXHfWTLvs8XnPp6qB9QmUbwhmDO16wgTqA0CIAyC/U=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:35:44 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002735.397837,VS0,VE0
etag: "34e9f77310e584b68e9e2ec7c2dd6975"
vary: Accept-Encoding
content-type: application/javascript
abp: 77
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 872

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 276ms
84ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 228080
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 90 KB
21 KB 469ms
459ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=05%3A12%3A15.577&lti=deflated&data=%7B%22id%22%3A205%2C%22ii%22%3A%22%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1689853777905%2C%22vi%22%3A1690002735570%2C%22cv%22%3A%2220230720-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%22%2C%22vpi%22%3A%22%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2631%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A400%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ef1cf075dbd0d280b41ee4c1eb5111fbb83ab748a38716b5aa89b517508913c

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 409
date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 107704
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490035-LIS
server: nginx
x-timer: S1690002736.607702,VS0,VE409
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 86ms
86ms Image
image/jpeg 193.108.153.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1690002735661
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-15.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 22 Jul 2023 05:12:15 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Sat, 22 Jul 2023 06:12:15 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 255ms
85ms Script
application/javascript 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469445_389467660_90185107_153_1087_37_0_146";dur=1
content-length: 122286
expires: Sun, 21 Jul 2024 05:12:15 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
554 B 317ms
193ms Script
application/javascript 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469445_389467660_90185110_95_826_37_0_146";dur=1
content-length: 211
expires: Sun, 21 Jul 2024 05:12:15 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 208ms
85ms Script
application/javascript 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469445_389467660_90185109_48_899_37_0_146";dur=1
content-length: 18371
expires: Sat, 22 Jul 2023 06:12:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 322ms
138ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9626f903381a5c82cbe13b3aa08acc080cb879dd99e43286a2de79b17d443d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27909
x-xss-protection: 0
server: cafe
etag: 986 / 19560 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:15 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 298ms
95ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTAwMDI3MzU3MTgsInBhY2tldElkIjoiMDAwMEE3MDEtMjhkOTY3NGEtNjQ3ZS00Y2JiLTgyMGYtNzExOGM5ZjcwNjZiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YS1uYW4tamluLWtvbmctMnl1ZS1zaHVpLWhvdS1qaW5nLWxpLTEwLTI5eWkteXVhbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJQVCJ9&c_b=2150.5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:15 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 298ms
96ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:15 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 40 KB
10 KB 90ms
89ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:28 GMT
age: 302147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10347
x-xss-protection: 0
server: sffe
etag: "59414361c8ed98c7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:28 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 215 KB
57 KB 85ms
85ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

9dcf8abf06f74792caf9b0eb75556568165e119a2273611136f0436d652cdc45

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:18:41 GMT
age: 302014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58154
x-xss-protection: 0
server: sffe
etag: "0ba4e671a8cd7fee"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:18:41 GMT

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 310ms
115ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f14.1e100.net

Software

ESF /

Resource Hash

bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-91AXYdNPfDGWV8Lrqajjcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-91AXYdNPfDGWV8Lrqajjcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
617 B 55ms
54ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4727
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwiDJSP1D%2Fv8Eh0yWjWZwvoYvXrsPMw1li05dTTDRALqSgmi9jkNhRpj39KmAFzhBddSirhc8gKPdwI6pYcem1R2IegEunS%2F4%2BDvIuAHAASz%2F5cNHLY4bJ39si1NPWv2gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ea9300a9b3e950a-LIS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 598ms
143ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a665354e817890ceaa48988aa784f59042a95e0ce3a239cf9d10379c65ce3fe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:16 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 588ms
149ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a665354e817890ceaa48988aa784f59042a95e0ce3a239cf9d10379c65ce3fe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:16 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 484ms
200ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6594997510393641&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:16 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 497ms
212ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9540763155321905&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:16 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 110 KB
31 KB 81ms
81ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:25 GMT
age: 302150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32104
x-xss-protection: 0
server: sffe
etag: "fc5a7023b69babf1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:25 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
479 B 259ms
87ms Fetch
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-27996936491020871064.ampproject.net/2307052224000/ 0
0 272ms
87ms Other
text/html 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-27996936491020871064.ampproject.net/2307052224000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 329ms
83ms Script
text/javascript 23.36.163.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 998ms
794ms Script
text/plain 18.173.187.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MDAwMjczNV8wX2YyY2Q0NjM1OWRlZQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-9.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Jul 2023 05:12:16 GMT
Via: 1.1 a0b81f8bd65c71136dc6b5c239feb2b8.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: MUC50-P4
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: -FBnXVhlSmWlkAM4WqP3LxyoWuiDoev8VLzShyE1KQAJvuMiXgrsTQ==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 2 KB
812 B 85ms
85ms Fetch
application/json 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:28 GMT
age: 302148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "464f04a848bfb8ed"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:28 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 210ms
69ms Fetch
application/json 172.64.202.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.202.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55169
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jul 2023 13:52:47 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ%2F%2BdZeeTwGKDYkrRpT8PvEMAy2ZhukdDbsFGo8nRmI3NcjUUDePnxVXqzjkGwcUP%2Fod1PuhZ9OcC6%2FdFP6gKfek%2BXfMHGNYKe2WPMIK2xWeyKNe9GhXXQk4q68tccv3lbM7jeX7QGdA4r5YBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7ea9300d4d2337c7-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 3 KB
956 B 86ms
86ms Fetch
application/json 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 00:42:33 GMT
age: 188983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "d6efea8de711c3e2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Jul 2024 00:42:33 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 283ms
85ms Script
application/javascript 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Jul 2023 05:12:16 GMT

GET
H2 200 floating-unit.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 47ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a94c88a570ff153de36e99c25041997a49b38cd9e8d0fb71aa9382c8396820d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ruE6DRjlW2BtnX1ukSQbbtNQj_wQ_G6l
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: 9XVBRJGN0DY8RHC2
age: 148626
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: 55+f2sfiddudV1NjZ2AilJdxOQBviSH4R/AY7nc3Dk4m64WrxrqvNbR9w+3VhRrbFSTMomKPePc=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:55:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.119960,VS0,VE0
etag: "6c0cceb428cfbf7f71e4f5d69ee6bf01"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 45
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 14661

GET
H2 200 taboola-vignette-new-scanning.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 48ms
47ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3779f5586454c26dd37e8267e0d0776fba8567a8930229f2d754b0b690f0e72

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BJnPPiRQD3n515csXSkVLkOeqKFQzbmH
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: G8HHBWZQES5W1Y52
age: 148565
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8011
x-amz-id-2: Rz0AYd/3adWpOBLc2hb+vVefQUK+T1RvaQ3agS+/9TUl6N7oki5601H64F39jQQ5UFYbkrtMlIg=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:56:04 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.121698,VS0,VE0
etag: "4da478b0692e7fd8e54b8b9a5cd7742f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 11721

GET
H2 200 distance-from-article.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 48ms
47ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c879914d9a82ab04ab0c71a0742118ce04a623adafef82fc991e10ce0e1adc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _x6UGURUxTVcPklH7jDsCRC8xbcktQPf
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: 9EANFPK102DZSPK5
age: 148659
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: xwZqLTRbZ4Brft60nG+r+08nLgMjTVjqsrlBGdBW7rhrvPWPSsboXPpHup15rlBIncqBuyWdrw4=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:54:37 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.140362,VS0,VE0
etag: "aa7e0bfca3d5c259155efab8aa3e4dec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 96584

GET
H2 200 article-detection.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 48ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a9c74893bef37552b92e10bd29b691209b986e705a6242e56b9065810bfa859

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kDGlzhxkmzgclFjBWHm_XGBib6NkPXu4
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: AG22EDM6V5D2SX4C
age: 148680
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1271
x-amz-id-2: 8Cq6GVPczz/9v/chW/QwggKOO5HQ6BVSlsCX4LbIvmDZoHl/G2r9ZmmyXkpL5ZGkCGazMFRmEV4=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:54:16 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.141060,VS0,VE0
etag: "67e226918d29016383b3cc2be4bd5287"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 96604

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.2/ 123 KB
35 KB 47ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18f6e93b6e1ac6b3971bbf06396514d80559a3df081ae53f7f59860b878d6e91

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 9b77256cb4a2caf313b1650e5e0805f8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 244038
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35118
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 19 Jul 2023 09:23:52 GMT
server: AmazonS3
x-timer: S1690002736.142348,VS0,VE0
etag: "23e2191935103aeeb4e92c57ab67b071"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: iNusNf1xP90ulGh_fHbiVE73VXEomDR14fGQSTWZlNmTGKtADlUYQA==
x-cache-hits: 6804

GET
H2 200 feed-card-placeholder.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 53ms
53ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2f63a4e15c229a5b68d93bacb7f056e34d7f76c9308a48698b116f98aec5dd8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0a4_6Dqe8zjvxoYVKqmvWi7S0sT4MRkv
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: W8X6VP58PSYJYF97
age: 148641
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: 6ye2NeCS/sc8w3M9xKBH3FtzxpXwzZnmQQFSfNOIMz6Q9UfZB+gherbJv6MJ9jVYpMVGD38Vsu0=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:54:55 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.143160,VS0,VE0
etag: "524213ed6b9c65b54418d1902b6083ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 68738

GET
H2 200 userx.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 48ms
48ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4157c995bbcc7922e7e1df182e85408f57447d55f7beb65fe115ec389781be6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pM4DarQXZUtJ0X2p_DZmmbAqyVdRxHSO
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: YRN3SCZJQFJ5FK5A
age: 148557
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: Y2lu0YmYyEAyvdbruwZUjinqA/hlzY1aF+ygMWyKhDYB4rR+w0OkI9biSzQ+QHnqUWdoYuAhOXc=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:56:16 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.154147,VS0,VE0
etag: "133d4354a166bd4b225eb088a65e15bc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 85
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 17626

GET
H2 200 explore-more.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 46ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b113baa1a8a720263c51ab0c3866a585f75aaaebebd156e7991b7dd03b670e1d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zQ_gp5JhYd7hfqdC0nrdVRYgKbH9oW_X
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: N67VKG2PETJJCE8K
age: 148645
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8777
x-amz-id-2: ZFecGV/c8udqpJ2bY1H1USFtYX60PIF5+Vwbw4ZkKIcSTIl4huqDQ4lTaBrWDRGSaCSRp95HAGA=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:54:50 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.168145,VS0,VE0
etag: "22abcb7f1af50ff07cad1f800b026476"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 40374

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 439ms
134ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=05%3A12%3A16.098&id=5477&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 440ms
136ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1690002736100%7D&tim=05%3A12%3A16.100&id=7171&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 439ms
135ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690002736109%7D&tim=05%3A12%3A16.109&id=9538&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 439ms
135ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A12%3A16.146&id=811&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 437ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A12%3A16.152&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=3640&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86060

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 437ms
134ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A12%3A16.153&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=136&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86060

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 147ms
146ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A12%3A16.159&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=3012&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86060

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 148ms
147ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A12%3A16.161&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2082&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86060

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 149ms
149ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A12%3A16.166&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=1547&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86060

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 50ms
45ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: 8R6Y8MF83F4SX453
age: 46
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: y2mfqW0zNaVKBEwFw8dY+fcbOjSB9dkUju7ClvLvpp+A82nlMU2QeiiPhh7eMjog9LKHLsuhxI8=
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.202750,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 27
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 9

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 26 KB
8 KB 459ms
458ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=05%3A12%3A16.254&route=AM:IL:V&lti=deflated&data=%7B%22id%22%3A285%2C%22ii%22%3A%22%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA%22%2C%22ui%22%3A%22fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf%22%2C%22uifp%22%3A%22fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf%22%2C%22lbt%22%3A1689853777905%2C%22vi%22%3A1690002735570%2C%22cv%22%3A%2220230720-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%22%2C%22vpi%22%3A%22%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3967%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A400%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 433658faf7facf0548f3eb7d72a57930fe7a68ec8cb3f6b50a1db69128d4f618

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 361
date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 112024
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490035-LIS
server: nginx
x-timer: S1690002736.277317,VS0,VE361
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 13a760f42b16f37bdd1e345607d36205.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_660%2Cw_880%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 103 KB
104 KB 60ms
51ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_660%2Cw_880%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13a760f42b16f37bdd1e345607d36205.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a70017ea41dc9f934ba43b617d168f160b940074a7dedace607efe6afe91cc9c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_660%2Cw_880%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13a760f42b16f37bdd1e345607d36205.jpg
age: 2482346
edge-cache-tag: 568773227288334274340735727704308249617,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568773227288334274340735727704308249617,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 382
expiration: expiry-date="Mon, 17 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.mynet.com/
content-length: 105910
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100139-IAD, cache-iad-kjyo7100153-IAD, cache-lga21931-LGA, cache-iad-kcgs7200169-IAD, cache-lis1490035-LIS
last-modified: Fri, 16 Jun 2023 18:11:26 GMT
server: nginx
x-timer: S1690002736.311138,VS0,VE2
etag: "ae1e6f9ef5efd25dbe62e497585c669a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 9, 1

GET
H2 200 13a760f42b16f37bdd1e345607d36205.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 90 KB
90 KB 63ms
62ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13a760f42b16f37bdd1e345607d36205.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8fb92c80a478c3a65795616335c2067b333034ad6dc46c0730744887de9d10d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13a760f42b16f37bdd1e345607d36205.jpg
age: 3142617
edge-cache-tag: 568773227288334274340735727704308249617,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568773227288334274340735727704308249617,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 242
req-referer: https://play2048.net/
content-length: 91936
x-request-id: d7b444e020a28a988b6cf00daef9a9fa
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100088-IAD, cache-iad-kiad7000105-IAD, cache-sna10739-LGB, cache-iad-kiad7000174-IAD, cache-lis1490035-LIS
last-modified: Sat, 03 Jun 2023 23:17:58 GMT
server: nginx
x-timer: S1690002736.314125,VS0,VE1
etag: "ec325b6875435b2393cff58d9f75c50a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 129, 1

GET
H2 200 335fa458bf62a0be81a46efb54279be1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 51ms
50ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/335fa458bf62a0be81a46efb54279be1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5710f1610a5dda4b819f30d9879c84aac2037793c887e032d3f6e5567ceb8bd9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/335fa458bf62a0be81a46efb54279be1.jpg
age: 4222040
edge-cache-tag: 430001604877904240313987470853192494116,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 430001604877904240313987470853192494116,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 103
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abola.pt/
content-length: 18360
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kjyo7100125-IAD, cache-sna10726-LGB, cache-iad-kiad7000029-IAD, cache-lis1490035-LIS
last-modified: Thu, 11 May 2023 15:44:18 GMT
server: nginx
x-timer: S1690002736.371725,VS0,VE0
etag: "084055f5a37a3ecde202aa2cf76f8cf0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 48, 2

GET
H2 200 46686436b207391d7fa8e2f593295ab2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 91ms
90ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46686436b207391d7fa8e2f593295ab2.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a93860bb505029e6bcfb78ca9de8af498a3378aa64b2e515cafd9ab6ecb2bacf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46686436b207391d7fa8e2f593295ab2.jpg
age: 3406897
edge-cache-tag: 356900564464126857962591377478142868093,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356900564464126857962591377478142868093,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 79
req-referer: https://www.internetastic.com/
content-length: 24822
x-request-id: fa893f123ef9810b94351cc5dcbbb09b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100139-IAD, cache-iad-kjyo7100112-IAD, cache-sna10725-LGB, cache-iad-kjyo7100062-IAD, cache-lis1490035-LIS
last-modified: Tue, 16 May 2023 14:51:58 GMT
server: nginx
x-timer: S1690002736.377847,VS0,VE0
etag: "5617a45d534a4f13de9e5af47e8b5d4c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 136, 2

GET
H2 200 21095320aba5ba7fbe1dea85e5408335.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 83 KB
84 KB 77ms
76ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3d3dfd46fa4833d6953004333dd6239c72d056cba3113e335920f775424fca0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
age: 3158511
edge-cache-tag: 581651182490352650140986442054686683286,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581651182490352650140986442054686683286,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 257
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 85412
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000171-IAD, cache-iad-kiad7000056-IAD, cache-chi-kigq8000078-CHI, cache-iad-kcgs7200027-IAD, cache-lis1490035-LIS
last-modified: Tue, 13 Jun 2023 15:32:38 GMT
server: nginx
x-timer: S1690002736.393650,VS0,VE1
etag: "2ce1070187b6a3db9d66e64a4f43f577"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 152, 1

GET
H2 200 103772368__He4U8MMY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/ 6 KB
7 KB 152ms
151ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/103772368__He4U8MMY.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7868c4a497dcbf5f97d2f2e8de58d03262dfc59426eeeaa86a54b7f2e0ea190

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/103772368__He4U8MMY.jpg
age: 1543989
edge-cache-tag: 508987893383307915751944386471716665452,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 508987893383307915751944386471716665452,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 235
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tijdvoornieuws.nl/
content-length: 5856
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100030-IAD, cache-iad-kjyo7100029-IAD, cache-sna10751-LGB, cache-iad-kjyo7100081-IAD, cache-lis1490035-LIS
last-modified: Thu, 15 Jun 2023 03:28:54 GMT
server: nginx
x-timer: S1690002736.452963,VS0,VE1
etag: "8878c6e47000b3a77370220f99776ac6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 5, 1

GET
H2 200 128fa4e3-35bc-44d8-9db9-4c2f2718eea8__cGnpCCGh.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 11 KB
12 KB 106ms
98ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/128fa4e3-35bc-44d8-9db9-4c2f2718eea8__cGnpCCGh.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6c8b61553423d1d3901d44b5b6a671c9fb683a16d096c93cf73f85bbf8ce9b3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/128fa4e3-35bc-44d8-9db9-4c2f2718eea8__cGnpCCGh.jpg
age: 305368
edge-cache-tag: 448825077646573442267050528298722858843,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 448825077646573442267050528298722858843,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 510
req-referer: https://jovempan.com.br/
content-length: 11354
x-request-id: 1cc8026857093423f1b486bc9ed2565d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100166-IAD, cache-iad-kcgs7200093-IAD, cache-lga21934-LGA, cache-iad-kiad7000166-IAD, cache-lis1490035-LIS
last-modified: Tue, 18 Jul 2023 15:08:12 GMT
server: nginx
x-timer: S1690002736.483845,VS0,VE1
etag: "1af3b769868967c4276da68656007cac"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 13a760f42b16f37bdd1e345607d36205.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 101 KB
102 KB 92ms
92ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13a760f42b16f37bdd1e345607d36205.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e40bc92d1ba06c13ea9fe286ef0f27983eb4c893367e1dc57704083730651dbd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13a760f42b16f37bdd1e345607d36205.jpg
age: 3795970
edge-cache-tag: 568773227288334274340735727704308249617,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568773227288334274340735727704308249617,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 318
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://rotter.net/
content-length: 103736
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100056-IAD, cache-iad-kjyo7100109-IAD, cache-sna10721-LGB, cache-iad-kcgs7200114-IAD, cache-lis1490035-LIS
last-modified: Thu, 11 May 2023 14:57:19 GMT
server: nginx
x-timer: S1690002737.580044,VS0,VE1
etag: "5e1ec92a9033b40a4e5b7e6ce78f1235"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 76, 1

GET
H2 200 21095320aba5ba7fbe1dea85e5408335.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 98 KB
99 KB 49ms
49ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ba2a5f2d74cd9941d09d0da725f620af02aabea20a8f489391240df67552615

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
age: 1702021
edge-cache-tag: 581651182490352650140986442054686683286,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581651182490352650140986442054686683286,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 259
expiration: expiry-date="Sat, 15 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.revistafama.com/
content-length: 100368
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kjyo7100157-IAD, cache-lax10659-LGB, cache-iad-kcgs7200138-IAD, cache-lis1490035-LIS
last-modified: Wed, 14 Jun 2023 18:12:36 GMT
server: nginx
x-timer: S1690002737.580140,VS0,VE1
etag: "060ac8b01c387c8b35efce55351b6933"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 126, 1

GET
H2 200 335fa458bf62a0be81a46efb54279be1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 54 KB
55 KB 74ms
73ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/335fa458bf62a0be81a46efb54279be1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba05525a0ea539b70649de4e9e03e5100ae3fa37a76dcf49ab538a6a46fb680f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/335fa458bf62a0be81a46efb54279be1.jpg
age: 2100225
edge-cache-tag: 430001604877904240313987470853192494116,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 430001604877904240313987470853192494116,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 318
expiration: expiry-date="Sat, 22 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.emdireto.pt/
content-length: 54926
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kjyo7100125-IAD, cache-lga21970-LGA, cache-iad-kjyo7100170-IAD, cache-lis1490035-LIS
last-modified: Wed, 21 Jun 2023 08:39:12 GMT
server: nginx
x-timer: S1690002737.580141,VS0,VE1
etag: "084055f5a37a3ecde202aa2cf76f8cf0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 1

GET
H2 200 46686436b207391d7fa8e2f593295ab2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 53 KB
54 KB 105ms
101ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46686436b207391d7fa8e2f593295ab2.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8002c55792af35fba9eaa7258ae38a1c16b2759d0436361779ac4ff915c56180

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46686436b207391d7fa8e2f593295ab2.jpg
age: 3406897
edge-cache-tag: 356900564464126857962591377478142868093,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356900564464126857962591377478142868093,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 286
req-referer: https://menshouse.gr/mousiki/174329/to-tragoydame-choris-na-echoyme-idea-ti-itan-telika-to-liomeno-pagoto-poy-ermineysan-ta-xylina-spathia
content-length: 54406
x-request-id: fa893f123ef9810b94351cc5dcbbb09b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100139-IAD, cache-iad-kjyo7100112-IAD, cache-lga21922-LGA, cache-iad-kiad7000131-IAD, cache-lis1490035-LIS
last-modified: Tue, 16 May 2023 14:51:58 GMT
server: nginx
x-timer: S1690002737.631823,VS0,VE1
etag: "5617a45d534a4f13de9e5af47e8b5d4c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 46, 1

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ 385 KB
122 KB 91ms
90ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 01:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12884
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 21 Jul 2024 01:37:32 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9FC2 92 KB
32 KB 337ms
141ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2cf97be90d1f77fac061c4bc519584e8fc6b20d15d5a2463d42d65bdd0299adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32814
x-xss-protection: 0
server: cafe
etag: 1629783679160112136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:16 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2C5B 92 KB
32 KB 390ms
197ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c023bc2e998dd1817f11b5a58845da05067a2f79d734e3e45f61a6b898bb1ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32812
x-xss-protection: 0
server: cafe
etag: 17644256412150925606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:16 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 294ms
103ms Fetch
application/json 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 next-up-widget.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 52ms
51ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f0a771d95f6c92a91c4b218a0293c4abe3a4cab77432cb49e0380f117f4523b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fYpHBerjxHFgzDGf4m1Q2V4U9_6_ktjf
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: HVM7E21QHET4B0JQ
age: 148619
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4624
x-amz-id-2: OrBUhXuS+olWKuCdvi13tn3KRWnDhvKw3SbFN6i4SMmhRVffhk2dcq3WAhL8iOzH/rzoI25fL+0=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:55:17 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.371662,VS0,VE0
etag: "c218f8e0942a5c0bd4656a218a1821c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 36
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 14205

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 21FD 714 B
777 B 83ms
82ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 2768
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ea9300e6d78950a-LIS
content-encoding: br
content-type: text/html
date: Sat, 22 Jul 2023 05:12:16 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62gy5KIkGwUSi2usksGsW%2F%2BL5idNE%2BIQVfh%2FIr%2F5oKbPscUTHWktujHLfKD96%2BCMixD7EfgDgtOqafIvGNb4lesvEvyr7UN3qmdry7xsBUDx%2FgZfY%2BU9Anr3cXDUHOhc%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 04AD
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

293ms
96ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 22 Jul 2023 05:12:16 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 22 Jul 2023 05:12:16 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 456ms
152ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:16 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 92ms
91ms Script
application/javascript 23.36.163.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sat, 22 Jul 2023 05:12:16 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 133ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1572%7D%22%2C%22eventTime%22%3A1690002736385%7D&tim=05%3A12%3A16.385&id=5068&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 136ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22305%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A12%3A16.404&id=1491&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 134ms
131ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A12%3A16.434&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9123&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86022

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 298ms
88ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Jul 2023 03:50:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Jul 2023 05:12:16 GMT

GET
H2 200 spa-detector.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 106ms
97ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 932e6dec5caab7bdec544cb9a595f5105f8a3279e4d943be595f15bab07f43e0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DMGYse0mtwGDwP2naPxP3HIi4xdwAX5T
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:16 GMT
x-amz-request-id: Y67GTR3VRGJ2ZSJE
age: 148597
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 810
x-amz-id-2: JW8X0/cxxrRhak6/SkdTq4No06Vm7kTSV/FuYGbrT14BVXB8kARu9Z5iD/+XC0wj6Cd1QZFxyoo=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 20 Jul 2023 11:55:38 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690002736.483853,VS0,VE0
etag: "abd91b265cd8a23c4091d1d055a491a9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 41583

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 135ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A12%3A16.438&id=6275&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 134ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1690002736444%7D&tim=05%3A12%3A16.445&id=678&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 135ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A12%3A16.447&id=4182&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 139ms
137ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=d0a77cf9d656a23280325612dc5e4b59&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002735_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1690002736450%7D&tim=05%3A12%3A16.450&id=3945&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 1459 714 B
734 B 54ms
54ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 2768
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ea9300f2dd6950a-LIS
content-encoding: br
content-type: text/html
date: Sat, 22 Jul 2023 05:12:16 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ff5wXLJA5MW88IUqzn%2FzG1WOtEOd7jOwzlyP4GZxEez9f0vM5g5joKdX7aOzkbAm5N3jfqdb5qqWAtECc6KXsVbGaBZGytpu%2FR76YBNLem011vA4JKKPMey2jmKYT%2Bh0VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame EFF2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

287ms
86ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 22 Jul 2023 05:12:16 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 22 Jul 2023 05:12:16 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 21FD 80 KB
27 KB 152ms
151ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

404d261844e904fded4699e21132fb63c0b4d63cc08aa4b75399013de27205d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27568
x-xss-protection: 0
server: cafe
etag: 597 / 19560 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:16 GMT

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame E199 495 B
664 B 1336ms
290ms Document
text/html 54.249.104.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.104.171 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-104-171.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sat, 22 Jul 2023 05:12:17 GMT
etag: "64bac299-1ef"
last-modified: Fri, 21 Jul 2023 17:38:33 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 387E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

295ms
94ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 22 Jul 2023 05:12:16 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 22 Jul 2023 05:12:16 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
635 B 315ms
91ms Script
application/javascript 99.84.88.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-35.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 04:17:16 GMT
via: 1.1 4699c08b44211e17f977ca0133ec5e8e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 3301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 4pPR9jmHEWYP37WBEwXJBWSz53XVQKHfy7ACdnkyKqr36AxKPFMZ5w==

POST
H2 204 collect
www.google-analytics.com/g/ 0
97 B 274ms
98ms Ping
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7686&cid=amp-0HNhKObNcLeKk6fSs-KeSg&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&dr=&dt=%E8%8F%AF%E5%8D%97%E9%87%91%E6%8E%A7%202%E6%9C%88%E7%A8%85%E5%BE%8C%E6%B7%A8%E5%88%A910.29%E5%84%84%E5%85%83%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1690002736&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 229ms
78ms Ping
text/plain 108.177.15.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-0HNhKObNcLeKk6fSs-KeSg&aip=1&sid=1690002736&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1459 80 KB
27 KB 129ms
129ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d59faa902f69473e25422dbbf653941a9c10e96bc807e3cd317aa498a451a0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27568
x-xss-protection: 0
server: cafe
etag: 859 / 19560 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:16 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
171 B 419ms
278ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H5Y06HFVTRNBY5HY5ZRVX2Z7
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 13a760f42b16f37bdd1e345607d36205.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 46ms
45ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13a760f42b16f37bdd1e345607d36205.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e296f2d894e947198c70f56e6e6417abc3e8bc9b3e8b11ade739803d7cf7ffe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13a760f42b16f37bdd1e345607d36205.jpg
age: 1834202
edge-cache-tag: 568773227288334274340735727704308249617,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568773227288334274340735727704308249617,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 233
expiration: expiry-date="Wed, 19 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://ww2.saviezvouscela.fr/
content-length: 11256
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kiad7000147-IAD, cache-lga21947-LGA, cache-iad-kiad7000158-IAD, cache-lis1490035-LIS
last-modified: Sun, 18 Jun 2023 13:23:22 GMT
server: nginx
x-timer: S1690002737.695315,VS0,VE1
etag: "06d69d676aabc2a603a7f8712c0f28d0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 23, 1

GET
H2 200 21095320aba5ba7fbe1dea85e5408335.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 47ms
46ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b393065f31b0140779aab2af150e1e39c75cddd31a0ef18a72d6274c6d6a06a5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
age: 605202
edge-cache-tag: 581651182490352650140986442054686683286,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581651182490352650140986442054686683286,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 162
expiration: expiry-date="Tue, 08 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.atlantaleader.com/
content-length: 8476
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000022-IAD, cache-iad-kiad7000101-IAD, cache-chi-kigq8000159-CHI, cache-iad-kjyo7100135-IAD, cache-lis1490035-LIS
last-modified: Sat, 08 Jul 2023 07:36:23 GMT
server: nginx
x-timer: S1690002737.695457,VS0,VE1
etag: "acbf8ae03ab58815360bcdf97019c95d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 335fa458bf62a0be81a46efb54279be1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 72ms
72ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/335fa458bf62a0be81a46efb54279be1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a3b1695d400c89a26b8ca52d45b00296657628570885225b647aae79a0d6232

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/335fa458bf62a0be81a46efb54279be1.jpg
age: 1461631
edge-cache-tag: 430001604877904240313987470853192494116,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 430001604877904240313987470853192494116,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 285
expiration: expiry-date="Tue, 11 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://jornaldiario.pt/
content-length: 4832
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000044-IAD, cache-iad-kjyo7100134-IAD, cache-sna10720-LGB, cache-iad-kiad7000162-IAD, cache-lis1490035-LIS
last-modified: Sat, 10 Jun 2023 16:09:57 GMT
server: nginx
x-timer: S1690002737.695565,VS0,VE1
etag: "ab3b276e9bff990549585c2a6045e23a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 1

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 160ms
91ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%8F%AF%E5%8D%97%E9%87%91%E6%8E%A7%202%E6%9C%88%E7%A8%85%E5%BE%8C%E6%B7%A8%E5%88%A910.29%E5%84%84%E5%85%83%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-0HNhKObNcLeKk6fSs-KeSg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.916956520884483&gjid=0.32668107300017013&_r=1&a=7686&z=0.05250903425178777&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 131ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=05%3A12%3A16.753&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=1834&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 91638

GET
H2 200 st Show response
imprammp.taboola.com/ Frame C11B 439 B
393 B 96ms
86ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1690002736793&uv=3305&tms=1690002736793&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ee865fb4-8519-47e8-951e-9ddfe6fb8d25&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 12a56e33afd17c0b2631e84ea4fd102b51ec395236c1669f5c087e7782d24e67

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sat, 22 Jul 2023 05:12:16 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490035-LIS
x-timer: S1690002737.827200,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D926 439 B
525 B 298ms
89ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 12a56e33afd17c0b2631e84ea4fd102b51ec395236c1669f5c087e7782d24e67

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sat, 22 Jul 2023 05:12:17 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
726 B 145ms
133ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690002736803&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1534&pt=614113391&tz=0&viewable=true&ddast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1476
x-cache: MISS
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690002737.838349,VS0,VE84
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 313ms
106ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&cmcv=&pix=31589837&cb=1690002736793&uv=3305&tms=1690002736793&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1690002733569.1!ts:1690002736793&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-length: 0
server: nginx

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/ Frame 9FC2 360 KB
123 KB 142ms
142ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

64a81ccc856feb0e26d002c2804b8b9363ebeacbb175242ce165a1ec795934c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126184
x-xss-protection: 0
server: cafe
etag: 14135154564933508086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:16 GMT

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 131ms
131ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&lti=deflated&ri=f4effc820a13c9c9405563efd1699be0&sd=v2_a21f503b4359e18930abd3f3b0af2523_fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf_1690002735_1690002736_CNawjgYQ2YJdGNKDjeCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&pi=/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&wi=8637222643094383513&pt=text&vi=1690002735570&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1690002736913%7D&tim=05%3A12%3A16.913&id=1203&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 thumbnail_mamo19.jpg%3FVersionId%3D3o3zxuOyepQ2HZUikVLuYUmxBFlMbHzD%26itok%3DO93V8x5p
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//st3.idealista.pt/news/arquivos/styles/open_graph/public/2023-07/ 75 KB
76 KB 46ms
46ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//st3.idealista.pt/news/arquivos/styles/open_graph/public/2023-07/thumbnail_mamo19.jpg%3FVersionId%3D3o3zxuOyepQ2HZUikVLuYUmxBFlMbHzD%26itok%3DO93V8x5p
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 13e129432b94a6ee2d93a2dc1c94a156941b54a13ce78ff95263fb664ae61276

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//st3.idealista.pt/news/arquivos/styles/open_graph/public/2023-07/thumbnail_mamo19.jpg%3FVersionId%3D3o3zxuOyepQ2HZUikVLuYUmxBFlMbHzD%26itok%3DO93V8x5p
age: 798720
edge-cache-tag: 626130188205688359380220534680046548375,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 626130188205688359380220534680046548375,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 207
req-referer: https://greenlemon.me/
content-length: 76884
x-request-id: 2ee826b19baf8f0fa5bd4fa8b9f38e4b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100161-IAD, cache-iad-kiad7000144-IAD, cache-chi-klot8100116-CHI, cache-iad-kcgs7200038-IAD, cache-lis1490035-LIS
last-modified: Wed, 12 Jul 2023 11:46:49 GMT
server: nginx
x-timer: S1690002737.948926,VS0,VE1
etag: "fcf94f5300ef5a0bff9f029d7d5f115c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 392f449e1cf7d46ec6df7a9664140255.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 435 KB
436 KB 48ms
47ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/392f449e1cf7d46ec6df7a9664140255.gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1aa3ca37578bdd849c8594804316eede373bf4a8ca2eb50e568fa7503aab83cd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/392f449e1cf7d46ec6df7a9664140255.gif
age: 1000961
edge-cache-tag: 412755165254667254907014500624106926414,478031603120095939601953909370272335035,29ecf9b93bbf306179626feeda1fab70
cache-tag: 412755165254667254907014500624106926414,478031603120095939601953909370272335035,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
content-length: 445913
x-request-id: d5b2cb477af15652b67e5b9ce5588b24
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kcgs7200051-IAD, cache-iad-kjyo7100108-IAD, cache-lis1490035-LIS
last-modified: Mon, 19 Jun 2023 16:45:50 GMT
server: cloudinary
x-timer: S1690002737.957312,VS0,VE2
etag: "0f15e31427488fb7e09be5e6eb201354"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 13, 1

GET
H2 200 bca4f27246cb6eba339d6b885eddbdd5.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_986,y_708/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 83ms
82ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_986,y_708/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bca4f27246cb6eba339d6b885eddbdd5.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fb4c1dd1f55eb400d83c5d45b324b4fc9f027d000feae1244d025f6359e19d83

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_986,y_708/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bca4f27246cb6eba339d6b885eddbdd5.jpg
age: 3058109
edge-cache-tag: 602253093161240830414768764157047827744,526604132328030356321332504794055413891,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602253093161240830414768764157047827744,526604132328030356321332504794055413891,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 139
expiration: expiry-date="Thu, 06 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abola.pt/
content-length: 16636
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100060-IAD, cache-iad-kcgs7200035-IAD, cache-sna10746-LGB, cache-iad-kcgs7200032-IAD, cache-lis1490035-LIS
last-modified: Mon, 05 Jun 2023 09:23:43 GMT
server: nginx
x-timer: S1690002737.959136,VS0,VE1
etag: "8cde66d07514db604d70b3907bb1e19d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 10, 1

GET
H2 200 pexels-jimmy-chan-1402923.jpg%3FVersionId%3D6MLlXy3yOON4bh8fqOM5H8kpDVA9aPCw%26itok%3DjDOhHDiU
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//st3.idealista.pt/news/arquivos/styles/open_graph/public/2023-07/images/ 38 KB
39 KB 95ms
93ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//st3.idealista.pt/news/arquivos/styles/open_graph/public/2023-07/images/pexels-jimmy-chan-1402923.jpg%3FVersionId%3D6MLlXy3yOON4bh8fqOM5H8kpDVA9aPCw%26itok%3DjDOhHDiU
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc23b4ceab3b70521bc14214b10fac493b43dc1c4039fb624654211999ee1979

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//st3.idealista.pt/news/arquivos/styles/open_graph/public/2023-07/images/pexels-jimmy-chan-1402923.jpg%3FVersionId%3D6MLlXy3yOON4bh8fqOM5H8kpDVA9aPCw%26itok%3DjDOhHDiU
age: 1026938
edge-cache-tag: 463665463703527849299014100555139937016,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 463665463703527849299014100555139937016,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 376
req-referer: https://www.conselhosetruques.com/
content-length: 39058
x-request-id: 52bc5fd3e707add24f8dd91ac39f18f9
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200117-IAD, cache-iad-kjyo7100175-IAD, cache-lax10679-LGB, cache-iad-kiad7000101-IAD, cache-lis1490035-LIS
last-modified: Mon, 10 Jul 2023 05:22:42 GMT
server: nginx
x-timer: S1690002737.960258,VS0,VE1
etag: "b81c62b5f7522958b226d9faf91b928c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 6825b2cc571708545911104e33170907.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
46 KB 520ms
518ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6825b2cc571708545911104e33170907.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a2bce0af9652e7760c9e3716520f6b582780000f30617748e482e864af16cb02

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 471
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6825b2cc571708545911104e33170907.jpg
age: 51909
edge-cache-tag: 595239533274827108160544459594064488041,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595239533274827108160544459594064488041,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time: 300
req-referer: https://www.bg3.co/
content-length: 45926
x-request-id: c0f9147fb0137567fb230466d722e071
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100084-IAD, cache-iad-kcgs7200033-IAD, cache-sna10738-LGB, cache-iad-kiad7000118-IAD, cache-lis1490035-LIS
last-modified: Fri, 21 Jul 2023 14:47:07 GMT
server: nginx
x-timer: S1690002737.960366,VS0,VE471
etag: "300430022a66e31e263dc2725252681c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 0

GET
H2 200 e94817edfc50ef8b57dde82a5f888244.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 53 KB
53 KB 98ms
96ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e94817edfc50ef8b57dde82a5f888244.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bb97a6170bd781e2166ecc1effe2c72c565b734036c3ca3056b0b3cf9b48cd3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 22 Jul 2023 05:12:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e94817edfc50ef8b57dde82a5f888244.png
age: 2657686
edge-cache-tag: 338089898785048819861703213915094602474,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 338089898785048819861703213915094602474,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 188
req-referer: https://jovempan.com.br/
content-length: 53836
x-request-id: 317b94db694cedf5458690ee1dfde5cb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100052-IAD, cache-chi-kigq8000055-CHI, cache-iad-kcgs7200035-IAD, cache-lis1490035-LIS
last-modified: Thu, 15 Jun 2023 13:52:47 GMT
server: nginx
x-timer: S1690002737.961039,VS0,VE0
etag: "d2582118e92f2c5d479100578d5a96b6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 10, 60

GET
H2 200 3b0b6763c8d0dd3056864aa4c77dbadf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
17 KB 59ms
56ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b0b6763c8d0dd3056864aa4c77dbadf.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 01a5dd131c20db2b3c0ad38680265ebd5f15a3991dc695f6cc4ba98c4fbef1d9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b0b6763c8d0dd3056864aa4c77dbadf.jpg
age: 2372113
edge-cache-tag: 330013999128033129226502546874935688521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 330013999128033129226502546874935688521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 89
req-referer: https://www.recetasgratis.net/
content-length: 17212
x-request-id: f3b678a563014b38baa93b46a5bdf1ed
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200043-IAD, cache-iad-kcgs7200082-IAD, cache-chi-kigq8000029-CHI, cache-iad-kjyo7100031-IAD, cache-lis1490035-LIS
last-modified: Sun, 18 Jun 2023 21:07:04 GMT
server: nginx
x-timer: S1690002737.005568,VS0,VE0
etag: "068ebec85ab46ab6aa5dfab93d16cb25"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2010, 16

GET
H2 200 55aabc35deca0d962fa7ef8587d4b7cd.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 52 KB
52 KB 145ms
143ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55aabc35deca0d962fa7ef8587d4b7cd.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef21ad645fcdb18d305ab4a3195a493252273b214acff6b4d712fc957806adf0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55aabc35deca0d962fa7ef8587d4b7cd.png
age: 982685
edge-cache-tag: 467356660416307744973950542948199654798,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 467356660416307744973950542948199654798,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 202
req-referer: https://www.conselhosetruques.com/
content-length: 53016
x-request-id: e3b830fbf7fce1a8120e3527da049a50
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200051-IAD, cache-iad-kiad7000172-IAD, cache-chi-klot8100039-CHI, cache-iad-kjyo7100144-IAD, cache-lis1490035-LIS
last-modified: Sun, 11 Jun 2023 22:58:27 GMT
server: nginx
x-timer: S1690002737.059735,VS0,VE93
etag: "fb8713c2f09655ec30d9977c33c4d234"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 0

GET
H2 200 5f21eb2daaa0751d2a61b7b12cf54594.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 59 KB
60 KB 48ms
47ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f21eb2daaa0751d2a61b7b12cf54594.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1603743989f6b5a42ae1bd409ad120b87d9f50f02392316e3128b2894626510f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f21eb2daaa0751d2a61b7b12cf54594.jpg
age: 2514190
edge-cache-tag: 443027013734326526441358297668673787271,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 443027013734326526441358297668673787271,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 282
expiration: expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gujaratsamachar.com/
content-length: 59980
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100162-IAD, cache-iad-kcgs7200120-IAD, cache-lax10678-LGB, cache-iad-kiad7000097-IAD, cache-lis1490035-LIS
last-modified: Mon, 12 Jun 2023 03:46:15 GMT
server: nginx
x-timer: S1690002737.059860,VS0,VE1
etag: "675dcaf6f5500158263eb52ff444b3cc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 214, 1

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/ Frame 2C5B 360 KB
123 KB 186ms
185ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076271

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9360c0c71cbd87b2b1483b581be78149a6106088345eaaa14e90d1945df81136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126224
x-xss-protection: 0
server: cafe
etag: 14171603235794904878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:17 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 21FD 385 KB
122 KB 86ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 01:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12885
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 21 Jul 2024 01:37:32 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C11B 70 B
264 B 580ms
118ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1690002736793&uv=3305&tms=1690002736793&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ee865fb4-8519-47e8-951e-9ddfe6fb8d25&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C11B 43 B
425 B 283ms
91ms Image
image/gif 54.217.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&cmcv=&pix=undefined&cb=1690002736793&uv=3305&tms=1690002736793&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ee865fb4-8519-47e8-951e-9ddfe6fb8d25&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.214.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-214-211.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame C11B 0
15 B 532ms
93ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_0_5/infra/ 889 KB
148 KB 222ms
44ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_5/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c8f1724bd314bb1545a4155a2a52edcf6bedd5717cf18fde816f9979e8fc8abb

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689758810
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 41BDABBNJ0E7N6A3
age: 243785
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689758811
x-amz-meta-mode: 33188
content-length: 150884
x-amz-id-2: 56DIiz5vQNVnsv0Pwl5hxjIerEnIoyFwAZlXq7WFEqZEhn7lMVeLeGeIDMha8QOkb/eER9Zye10=
x-served-by: cache-lis1490046-LIS
last-modified: Wed, 19 Jul 2023 09:26:52 GMT
server: AmazonS3-br
x-timer: S1690002737.205305,VS0,VE0
etag: "e4e90f4aac9df96ba121298cb7221ead"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 45341

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_5/assets/css/ 60 KB
8 KB 53ms
46ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689758828
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 41B455WNG553PQQ0
age: 243784
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689758829
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: H7O4nlYLyInCdNnpNAqE1rz0BQWtPtp3Gs2FUXkf3sO853DdrMxPyubyDnzsp1/18G8u+duc1T4=
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 19 Jul 2023 09:27:10 GMT
server: AmazonS3-br
x-timer: S1690002737.034680,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 59547

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 1459 385 KB
122 KB 124ms
123ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 01:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12885
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 21 Jul 2024 01:37:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EFF2 34 KB
10 KB 104ms
104ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40027
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:19:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 04AD 34 KB
10 KB 101ms
95ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40027
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:19:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 387E 34 KB
10 KB 104ms
96ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40027
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:19:24 GMT

GET
H2 200 pixel;r=1510531914;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d6...
pixel.quantserve.com/ 35 B
371 B 95ms
92ms Image
image/gif 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1510531914;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1907315616-1690002736542;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1690002737036;tzo=0;ogl=;ses=287afa81-5aee-4301-bb20-fe327d6f5f8c;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 704ms
168ms Fetch
application/json 3.233.155.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-155-176.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvaHVhLW5hbi1qaW4ta29uZy0yeXVlLXNodWktaG91LWppbmctbGktMTAtMjl5aS15dWFuLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
870 B 228ms
177ms XHR
text/html 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvaHVhLW5hbi1qaW4ta29uZy0yeXVlLXNodWktaG91LWppbmctbGktMTAtMjl5aS15dWFuLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-12.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 22 Jul 2023 05:12:17 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=90, ak_p; desc="469445_389467660_90185376_9467_1087_37_0_219";dur=1
content-length: 555
expires: Sat, 22 Jul 2023 06:12:17 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D926 70 B
265 B 437ms
117ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf
pr-bh.ybp.yahoo.com/sync/taboola/ Frame D926 43 B
426 B 140ms
90ms Image
image/gif 54.217.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.214.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-214-211.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame D926 0
125 B 390ms
92ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame EFF2 284 B
536 B 580ms
81ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 387E 284 B
536 B 663ms
90ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 04AD 284 B
536 B 737ms
80ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 104ms
103ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b4c05ebc89dfddc0f2d656e791ac3b5fd3339e1b56939bfeccd1f94821cd6fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Jul 2023 05:12:17 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
346 B 255ms
255ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=20
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 165
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 111028
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690002738.551684,VS0,VE165
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
741 B 137ms
137ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 2963
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1690002738.596050,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 44

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9FC2 379 B
416 B 99ms
97ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6e568ab54a5e6185ca452073b289084b9a955fa13a19d2f4ac43550c99854e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9FC2 107 B
196 B 97ms
96ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 98DE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169000...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
871 B

314ms
102ms

Document
text/html

18.66.192.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-85.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 592
content-length: 459
content-type: text/html
date: Sat, 22 Jul 2023 05:02:27 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
x-amz-cf-id: ChcNlnpIaYFTGlfDfLrm5obzRnH7X7lfmBycIb2W8QD1zyOQg2zQOg==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:17 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9FC2 15 KB
12 KB 143ms
142ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7619ea2f1e016910a5e69cf4e06778ee1ff2dec1b6431b2011407a6d4f206318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 46ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 842260
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1690002738.708143,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 57213

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.4/ 445 KB
84 KB 45ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.4/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4ae2a06a20497b4f5d370f5f9953a35ae67c35e24d4723d7d156b90ce5769da7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689690128
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: D7W9WV70QDQ3N4MS
age: 312562
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689690141
x-amz-meta-mode: 33188
content-length: 85125
x-amz-id-2: /hVKtt6WU8bRpRE36JXpG46F5JQ520Wk+hA5KHxEY0GDd5d9c2P9vQBKHhegYeazExaHTfLOHno=
x-served-by: cache-lis1490035-LIS
last-modified: Tue, 18 Jul 2023 14:22:22 GMT
server: AmazonS3-br
x-timer: S1690002738.763947,VS0,VE0
etag: "ce3de182e42934ed6e31ae12ca4d690b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 79869

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 61B1 577 B
662 B 92ms
92ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4a46d7ec73a1870c7eb4b6cc414d1403f608b75ad3f7fb7a087ee6a33e888088

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sat, 22 Jul 2023 05:12:17 GMT
machineid: 3401
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 96ms
95ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&cmcv=&pix=31579697&cb=1690002737752&uv=3305&tms=1690002737752&su=3&abt=nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-length: 0
server: nginx

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 21FD 492 B
263 B 107ms
106ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=232565995895705&correlator=1862429956102762&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690002737822&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=5k2wh2knx8q1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=817738124.1690002738&ga_sid=1690002738&ga_hid=758739529&ga_fc=false&dlt=1690002736515&idt=985

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2bb608b662fa6f0e937e5311e9c4dfc07498c307dad6d64092db5922322df301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 21FD 15 KB
12 KB 132ms
132ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

023ac31659289739d9c0b48b02911f30f61cc50ae2f3fc8246b7a9ca222f5318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11766
x-xss-protection: 0

GET
H2 200 container.html Show response
0e0640087ed608f1fbeaf89920ca7455.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04B0 6 KB
3 KB 322ms
96ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e0640087ed608f1fbeaf89920ca7455.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:18 GMT
expires: Sun, 21 Jul 2024 05:12:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1459 492 B
263 B 119ms
106ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1396206386718639&correlator=4356295904063675&eid=31075028&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690002737841&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=no339uw7d75e&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2105329898.1690002738&ga_sid=1690002738&ga_hid=999506307&ga_fc=false&dlt=1690002736593&idt=922

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a404c4ae9f691b4e335bba4de87b8abf550e7f10eec2ac18702257ba6ea88397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1459 15 KB
12 KB 136ms
132ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3a2cc9ba97d60295e697ea7a430ea4ac8efa5e5f1bb22b24877eb2ae69ab6bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11786
x-xss-protection: 0

GET
H2 200 container.html Show response
97c8ae54f9c6f09a7b6fe57c6caee352.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4AF4 6 KB
3 KB 292ms
94ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97c8ae54f9c6f09a7b6fe57c6caee352.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:18 GMT
expires: Sun, 21 Jul 2024 05:12:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 2C5B 379 B
269 B 85ms
85ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076271

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a620f147a8af1ab14e6499422bef088a2386887ac3ce081d250d322a3184d50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2C5B 107 B
122 B 88ms
87ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 4728
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169000...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
870 B

235ms
103ms

Document
text/html

18.66.192.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076271
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-85.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 592
content-length: 459
content-type: text/html
date: Sat, 22 Jul 2023 05:02:27 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
x-amz-cf-id: -QApinorc4m-GC9BqGKSkYQfH-6kUkDzmqD58MbA7Urnr8iwoqU32w==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:18 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2C5B 15 KB
12 KB 135ms
134ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b80db6d6bc640d4783d24271b30f3064d740941e838b4561eb9d1f553973376e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11888
x-xss-protection: 0

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 65ms
45ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Sat, 22 Jul 2023 05:12:17 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 436898
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490035-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1690002738.930883,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 101665

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FC2 17 KB
7 KB 272ms
97ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:12:18 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 61B1 70 B
264 B 117ms
116ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 61B1 43 B
425 B 92ms
91ms Image
image/gif 54.217.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.214.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-214-211.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame EFF2 0
239 B 334ms
83ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 387E 0
239 B 913ms
215ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame E199 0
268 B 280ms
279ms Script
text/plain 54.249.104.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.104.171 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-104-171.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:18 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2932 281 B
554 B 92ms
92ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 22 Jul 2023 05:12:18 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 21FD 17 KB
6 KB 173ms
141ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:12:18 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1459 17 KB
6 KB 166ms
149ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:12:18 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C5B 17 KB
6 KB 135ms
120ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:12:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 206ms
76ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37j0&_p=7686&cid=1993169309.1690002738&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690002738&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&dt=%E8%8F%AF%E5%8D%97%E9%87%91%E6%8E%A7%202%E6%9C%88%E7%A8%85%E5%BE%8C%E6%B7%A8%E5%88%A910.29%E5%84%84%E5%85%83%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame EFF2 0
239 B 234ms
81ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame EFF2 0
214 B 82ms
81ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=36584
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame EFF2 70 B
264 B 120ms
119ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame EFF2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0EaYyMnPR8evVMwGsKlSgQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0EaYyMnPR8evVMwGsKlSgQ

43 B
479 B

97ms
97ms

Image
image/gif

52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0EaYyMnPR8evVMwGsKlSgQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Jul 2023 05:12:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T3X7P12PND3NT2DSGKHF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0EaYyMnPR8evVMwGsKlSgQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame EFF2
Redirect Chain

https://rbp.mxptint.net/sn.ashx
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33647_106323951_127BB86FB&expires=60

0
239 B

88ms
86ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33647_106323951_127BB86FB&expires=60
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33647_106323951_127BB86FB&expires=60
Date: Sat, 22 Jul 2023 05:12:17 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-373007474; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 228
Content-Type: text/html; charset=utf-8

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame EFF2 0
214 B 183ms
97ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame EFF2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=7
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7258506494163810449&expires=730

0
239 B

81ms
80ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7258506494163810449&expires=730
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7258506494163810449&expires=730
Date: Sat, 22 Jul 2023 05:12:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame EFF2
Redirect Chain

https://match.adsby.bidtheatre.com/rubiconmatch
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=1838356e-9895-4a89-9fd5-ddcd8b32449a

0
239 B

85ms
85ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=1838356e-9895-4a89-9fd5-ddcd8b32449a
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=1838356e-9895-4a89-9fd5-ddcd8b32449a
Date: Sat, 22 Jul 2023 05:12:19 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 45ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jul 2023 05:12:18 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 2257
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1690002738.162416,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 69
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 856

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2932 34 KB
10 KB 95ms
94ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40026
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:19:24 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4293 13 KB
5 KB 84ms
79ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 03:52:58 GMT
expires: Sun, 21 Jul 2024 03:52:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8CA8 783 B
736 B 325ms
111ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

6fea0c1ead178c609f1164630ecda6668d468c3b139af8b6291185c3596bc9be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--rtyiZ0i50qk1fyZR0Oizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce--rtyiZ0i50qk1fyZR0Oizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:18 GMT
expires: Sat, 22 Jul 2023 05:12:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 56ms
46ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490046-LIS
date: Sat, 22 Jul 2023 05:12:18 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C14A 13 KB
5 KB 101ms
96ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 03:52:58 GMT
expires: Sun, 21 Jul 2024 03:52:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3C52 783 B
744 B 282ms
93ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

1e75c734d118fd68144baf014cf587b642e2836f31fe3c17f9d777a60f5be8e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JK3kpjIjXCNxvKG2HVWZvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-JK3kpjIjXCNxvKG2HVWZvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:18 GMT
expires: Sat, 22 Jul 2023 05:12:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45B3 13 KB
5 KB 86ms
85ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 03:52:58 GMT
expires: Sun, 21 Jul 2024 03:52:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2F97 783 B
1 KB 268ms
93ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

afa8fd95e1c43f528add92ba2fdca929232671f6db803b744d796c3e99fe20c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jLvCFpj7tmcGCCW_lG7vXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-jLvCFpj7tmcGCCW_lG7vXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:18 GMT
expires: Sat, 22 Jul 2023 05:12:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 19D8 13 KB
5 KB 82ms
79ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 03:52:58 GMT
expires: Sun, 21 Jul 2024 03:52:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0156 783 B
738 B 262ms
95ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

5d3951cf87577b414a3b59999c0d83a6186dc59614fbed8a77fd1846a18abda1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vWiqmP2frcjKW8R7yyGz0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-vWiqmP2frcjKW8R7yyGz0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:18 GMT
expires: Sat, 22 Jul 2023 05:12:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2932 284 B
536 B 147ms
81ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 691ms
138ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=fbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 22 Jul 2023 05:12:18 GMT
cache-control: no-store
server: nginx

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4293 37 KB
14 KB 88ms
86ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 98DE 31 KB
10 KB 191ms
57ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 21:17:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 28509
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 22 Jul 2023 21:17:09 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 4728 31 KB
10 KB 208ms
76ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 21:17:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 28509
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 22 Jul 2023 21:17:09 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame C14A 37 KB
14 KB 82ms
81ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 45B3 37 KB
14 KB 83ms
82ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 19D8 37 KB
14 KB 86ms
86ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 98DE
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

51ms
50ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3051
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duUBeBqrQj6%2BmLq1GCUwnplJHPIUde5SuBX%2B1ixCJTUSW2ZGqflZqkLvwtgw%2Br2eM8STJJSk8IXdIGBttY98uOMjq5PF7bfYFKIK%2Bs8lRYMIWEycXjL8RbSVh7dlWjvR0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ea93020f80d950a-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 4728
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

140ms
139ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3051
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB5hXN4l1IvS%2BPt9dXX7X7%2B675iQyqGiEJuSz%2FfJO9PEE6SkY1e3qf4n%2BhPbC%2BLrtdSi%2Fo9FuGtJfK8bxD7TumAmqhHbbdV7%2FdhiP0uP27mG7VWfsJFXQUjhZVTxRxcSMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ea93020f80e950a-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F97 0
0 114ms
114ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=4365335851854759&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4293 0
10 B 80ms
80ms Image
text/plain 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?B86WJQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3C52 0
0 117ms
117ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=232565995895705&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0156 0
0 116ms
115ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=1396206386718639&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8CA8 0
0 114ms
114ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=2911737061562097&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C14A 0
10 B 80ms
80ms Image
text/plain 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yBgXoA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 45B3 0
10 B 80ms
80ms Image
text/plain 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EJ7z0A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 19D8 0
10 B 80ms
80ms Image
text/plain 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kY8GLA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
794 B 118ms
118ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690002739347&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1534&pt=-1114377771&tz=0&viewable=true&ddast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sat, 22 Jul 2023 05:12:19 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1411
x-cache: MISS
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690002739.367350,VS0,VE74
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FC2 0
0 115ms
115ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=2911737061562097&bg=!GhmlGU3NAAZsPphkTD47ADkAdvg8WgC9KBA-uE2VW_1YE6SNnp-3h-HyPNR5H3DJ15y1cPBMGY0UkLTww9lKJ0ISk37FZJK07wUCAAABsFIAAAAIaAEHmQLFrBKAhivd7ZDP36aP8JQlPKqCy2fVUZSilGTNRcYnZgrh1U49g5-YOkn3zO1RVOx2wKHq0HBEqGXTFHOKZzPfhKXgM1pGQEb_7YflGbiJwCrbr2tiliooIWJ_XhOsm2xpvJsYgWbK3EmvZvi8_3ngZm4YesaYybbxSOW2JF90s3Hp0imITn5msANsVDxNGJwFYtDx1M2YDTctccF2-SjkmY0mQ_iBqGq8HBNByjQEC0Xdbt7OF08n9yxwCuaYwIROyMESMsFSllx_HYsl18JmVpma6H5iIAkkhpoMVIj_xQRCQshsBm1gGL19q_h2Raa9bADahhD1cApY32NaxeqWyCtJNPSReV9LvRItYs9imkIuDiKIwEk7RHui4vA6LpV1V3Utvge5enusk2lbCoz0QbndHE7_AIPjTI4OsvLqHf0OzNSBRDY4_XHJZpu8otJBFhdns8kkTVqzGIqjd8PKNgA5fXPendUb1cjkRCgtCAK_5hgCcn9VHJTmZmO4EPGv4jDXChPrjyYeKQvuy5h069llb7jpF1QvKhJla10-OH8-gwGy-nFIZeQpDjUpB92_z99TYB-kc4BfmLZoWCtSIjx1gr5u6RJT79I_bdAeYkqnNcJNYkLDA4uvikUTRky8Hc5g49W2fuf4drE67emnfmHChqv-m7m30Y2fwsOe3kytLXDWLRzZXjE2hsxdfdC1X9mlfvv4Y0NFjuBLoEh2a_xOYz2GyDJwGi5ktx7beiHuPA2mdQdvi3rcGumj7KZS6xoFML7CC9gcM4I_Nx5XO7tdkaxcn3kwm35zqUYRJzHEXArAVgSy-XIVEImlLLeBkRZjX4xff1r976omeS-sD6-YX_ZhvWghwUzkxcSc1H94B9xSUiZzcmycSZ2tu8zhFiVBaFo7CEwIMSTTNQCTkGLvT_04Ig5MuB4uawTi3xY45zMISA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 98DE 975 B
750 B 52ms
52ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4731
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slFjP8v3yV1aqAohpmt4a%2FDyWTOkKL%2BXtnshP%2F3abJ67N5xhpI9wiFlhRPZ5PR84KCRGDD%2BixDTV%2FZxlas46HTpQgshPyAG5jVXfgJAw4iO4hRh2oUjdsZZEBovTaMZiAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ea93021d87b950a-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 98DE 661 B
1 KB 516ms
231ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.4113036446218312&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:19 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: e829b5e3-22a9-33af-b0c8-29ab84501113
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 4728 975 B
747 B 51ms
50ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4731
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTR4LYzwkj9H9SQ3UyNFMyNOPLpuuF17fnNPrEnXW9Qwde8ZDV5YDLnfoun0qUaMwlBjJZ5SEE%2FithFGhAoCOzPY3HyTjVpxo6JGuzMaQxR4JHI1LEGRjOeZ7q918ZeUgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ea93021f886950a-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 4728 661 B
1 KB 1509ms
174ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.8407534768343026&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:20 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: e829b5e3-22a9-33af-b0c8-29ab84501113
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 21FD 0
0 117ms
116ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=232565995895705&bg=!4uGl4bXNAAZsPphkTD47ADkAdvg8WrLnv9oWEeAV3ksM936l94Q5iiINOWACHNE6cTp1uVDMvSDN4cgmghgbrnvWESvlq0blg_4CAAAB6VIAAAAHaAEHmQK_NYKCpQVabB71GJSyMAqRAPpt97XIlzCjwBpR4CJ_u_bbXX-gZQrROu3XfwVq10wHSbUCVAUYl7oz-SeyElILDXVjvaNaWKLHFA6ijmkvGy_i2K_6F8qrFjZwMePZwn60HGWJLjNGondPc2lCYqhAFel5kcwR0Lgcc944tvRSt5tLFe3ozidGJMW2KQl-IFP7nygKdT7j10TG52J9zHkEHd2T0UX-PXTzGHhu2V0LkyHFCZrLQQjgY43CszbOOvbBK-CW6tDHZGAHkMoVh1hu-mw5fStUXNBoVKKM8FmQbdmbkbaRqTd_lxmpn3l4_X60GYpY4a2_T18H1S8ld2Q5PUfyLbh0jfMfbUmHzJcZBIKnafvmFR98jo3oT7C9zc7hfLRXHBkoD9RiSPDAdRoZTQIgGcdQhLtwev5cAJIyKa1zW6WzADic8NDUw4z5NJgE0IxbsOzJl3TYftHE-iRt4v2meSKueg7aUtGOL-ftrAg98Vu5TiScDZOCFbaXgpjdi2WBibB4CJ-RoOqJUiaoOnUqYkSCs8r0z4FlWyhQTKWLBEXuRKh-RGVgTOdqPDkc2r-CD4lYPjD10QqtojYtOIv71pwOw22t9qffwoeZQDNWEWg2W0BkcQEHVQmOmpgsT_VQqOpXpoqlFO4DOteZ79vy3XHugLBCfQ4OJVUqyKX6FmFxdw-mKLWAyPAu1xMGxd8_iZku6XqAHu-sFq5JjaSMM2zHxGoghkul4uRiwamcV8H8bzcv26IRxNeH9fxOAVAWYkeB60AaFl6jDIBXs4J_1fTc_eUA2Df94GRzbcCQAzgSH55OFvC2gQ76pOIAhpB61aZY8yJbCN_3xDIw1dvJ9YavoKlvJ05pofdLEGTPJd9Vx9PJrWJmmSFMLp4v_ES9-grs4g8qg52IbQDWnzC5wtKb-xkKZvn62N1aJg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C5B 0
0 117ms
117ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=4365335851854759&bg=!YWKlYjbNAAZsPphkTD47ADkAdvg8WipJVQ94Qo4g6wlGoaY48_0MBnkMHuSPQ1wg0jEOcL5qalFWxVgUp77Ywcc5Mlh-7v-QVekCAAABzlIAAAAIaAEHmQLAfmdMdUs_oJATRFUi4qdQb5SRV_Bey6Qu19dLopxRrjJLuRJ-cuGtmA0HdmY12-ccyzDt6dOWWpfwDKO4JgwCgKJHPjhqPPR7JGjjc13kMZQvNaHQpiOhwdLxiCkEcrVP2smaYRAwO9QWgoKf6825__DI36DOgvxLuMtftjJud3MyVNo2_WUltMr9HQ-pVT3nAOVm6Fn5tffEq_irG08A_-THJ8T9qoFO25xRi-XGZfYrfXh958umA8P3AGJYGftzqA2y75t8CibISPsJ_Aa2IazZuSLnv5uFl1CtWX9wptS4Q6zcRvVDxHljmo4MeEZb7mz-z9yAL4szs-J21Hmk2OmYY8aGPoG1xFxc2r0Xc5arDPgrjfvg4Iu7XxzpDnyMFZkcVRdRYUf1LhHWTjNgXLET7Ec1_HEXPfNKn5n2GF06ZQjdFu8h3oZ2v6jUFx_ZoFBEQYMe99l1wwZJoisOM00H2UuXHIVI27_VuD5H6noT6qVemDR1r-9puFTqV-7JbzbfxsL6UIqsQX8zDulAmBIn6HnJxbKGyoEjAGPfFUezMdVXRSIMHMvuMy6CQYpDu-NAz88Qs07jWtdZZE0he1ES3-1001mrgYfpTIyKcCSfEYpfHOh5oxtuoALED7MHuEghiQfkczd9t-twpVJHGmS9spd3YBAGFMxLN42zKe2jjtph_uCNxWJ1o38FYpLIVBmpOo3M55u_vbyton6nekZQ_BoQHJUvisHqaoQkUsY9lpCsmj3m9dvQE-cGHpYbeo4eDC2wBsXzV501UgBWUwdeXJMU1q62CKQ2eEaNqQwjFsQNrqPIM5ZTZYDxlxuAxA870UDTxjhsPmdDpo-dEnUXzenqSbO7sS18-wF5lcrdhgeQKBHQXhRXjogk_tRcjcilWEKfRaxGc19P_yf2mf30mAqGnGRmNJk3uYB1UEg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1459 0
0 116ms
116ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=1396206386718639&bg=!c3ClcCTNAAZsPphkTD47ADkAdvg8WglDuwzB97GMMAlHSa1kkPhuCm8Fx6sOp_Q3R1beX8S91HrRB6zs5OFvhIK68IEi-K-V69ICAAABN1IAAAAIaAEHmQLI5yqwrFpfpN45NeVAU3ZgYl13_IuBIYQIf2mMwVGs7BT_gvOS0aryjk445qyWYy39oLEx8Ea7djSxfWT4qQfkfT3pqZyincFgHaF9fWDgfT1Czv0KUGT_0ib-d24xKKbxHJDRv7GHfjRrF-v1hx9590SJ9CfIicvlpa7IzXxcqX1sN-EtvXPI4FMGmsnTk92MBdpzQ1YTf_N86w3-CSnGHvG28v1IezleKifKGZNzuq4pUjG7zpNjDJ4Kgoo1fmlflB5iK33pPTGrc9ki-HFwlIe-bLgt14ep3nk2HtNLeJo5uVcEtMTni8rKM3SWisKRukIeNBkbNo9CP8VrcTgDSjK45DEHiYL_ZxWB4zS5FqHX1CVyyE9T37bPH8abxWMAsSZjXj-6hpnGlWlWdUtwLZDtPw7P4WQTyphc_miOOd3jNYu4LOgW83WUR2yHz1_dVr6A3JGeta59u_-wiNAMKK_Zge1RZ5G7kLwYNqxc1GOx7kI0NeJoptbFJz0dh-YEVDyD0hENszdmPuxyB3bqRaxpMVq3h4blRNvoQX9ZeyoRiFyMF-pFyi-4-PYmhoQnw0PV_Vs0Lih6SNSwsQ_aAq6OuJjU5M2S2rkBBjjNEpJ-tObRzKIrns9m_hm5HGkXjBVSwvlYFIwwsT4Yx-1KjR9YUlpkrn1lEE-8OXVkF7rGhmzuw4OaWRLQXfGJ_AfdHZaefWHU4RmscyzeX6N-kL0Lk2xEBV1O78dabivdG5bb9dL8l0LF9yDCVe3uWwxRUTHhc-FOy26cQQoV1j60sOxc9zsTQ9B1ny8O8D6HRQhenCrvBxPjW7c0Gyo8bDQO1t8gGqv7Lpir5kQckmUB-6Um4mU1xrcq_Afra4ujf7laX-j35hsXH5btPP3DjgWBXEyDa_GGqCkTqQdndrbDFsdLm9mvwXb0Eq0UWlB5wsxIA5UkTnrkyA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 90ms
89ms Ping
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7686&cid=amp-0HNhKObNcLeKk6fSs-KeSg&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&dr=&dt=%E8%8F%AF%E5%8D%97%E9%87%91%E6%8E%A7%202%E6%9C%88%E7%A8%85%E5%BE%8C%E6%B7%A8%E5%88%A910.29%E5%84%84%E5%85%83%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&__nfv=1&__nss=1&__dbg=1&__nuid=&en=performance_timing&sid=1690002736&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=6421&epn.domain_lookup_time=8&epn.tcp_connect_time=523&epn.redirect_time=0&epn.server_response_time=711&epn.page_download_time=1&epn.content_download_time=1278&epn.dom_interactive_time=1278
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 82ms
82ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E8%8F%AF%E5%8D%97%E9%87%91%E6%8E%A7%202%E6%9C%88%E7%A8%85%E5%BE%8C%E6%B7%A8%E5%88%A910.29%E5%84%84%E5%85%83%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-0HNhKObNcLeKk6fSs-KeSg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=6421&dns=8&tcp=523&rrt=0&srt=711&pdt=1&clt=1278&dit=1278&a=7686&z=0.2865113106205257&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 00:41:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16247
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DF2D 80 KB
27 KB 148ms
148ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

43cf7cb66e2f85b0c2a8f28960206a838d9ae94f8216912ee14fa1244075b96a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27572
x-xss-protection: 0
server: cafe
etag: 538 / 19560 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:20 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame DF2D 385 KB
122 KB 77ms
76ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 01:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12888
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 21 Jul 2024 01:37:32 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DF2D 52 KB
20 KB 309ms
309ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4177753382577512&correlator=42997356841813&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690002740318&lmt=1690002740&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=368hj2nbdvxa&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=148136164.1690002740&ga_sid=1690002740&ga_hid=498954596&ga_fc=false&dlt=1690002739484&idt=819

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e6b0cd18b22c828262a7d11f4e7b8608f0b9d1868f819b03530e34c10f8f58e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20773
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DF2D 15 KB
12 KB 130ms
130ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

566c85a77f202d9227ce3ec85bcacb79a0970b5b688e43375972cde28883a497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11814
x-xss-protection: 0

GET
H2 200 container.html Show response
b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 214F 6 KB
3 KB 119ms
91ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:20 GMT
expires: Sun, 21 Jul 2024 05:12:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DF2D 17 KB
6 KB 91ms
90ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:12:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D188 13 KB
5 KB 82ms
80ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 04:54:11 GMT
expires: Sun, 21 Jul 2024 04:54:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6846 783 B
762 B 92ms
91ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

59474dde19ca46b382b25a0bc65ec8c17aedb39df6070203091c0b215465de9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UW045ISW9Gv-cTlJVh8vww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-UW045ISW9Gv-cTlJVh8vww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:20 GMT
expires: Sat, 22 Jul 2023 05:12:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 76E9 6 KB
3 KB 84ms
83ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:20 GMT
expires: Sun, 21 Jul 2024 05:12:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6846 0
0 114ms
113ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=4177753382577512&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame D188 37 KB
14 KB 80ms
80ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 76E9 16 KB
7 KB 252ms
76ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 22 Jul 2023 06:09:42 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 76E9 34 KB
13 KB 83ms
82ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

ca9d535ccdbcba54485c8601295e6a865b62efe0937c9c6b0d3f5fe31adbc054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13643
x-xss-protection: 0
server: cafe
etag: 6763496401689505157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:49:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 76E9 3 KB
1 KB 103ms
102ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 09:33:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 76E9 20 KB
8 KB 93ms
91ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 22:19:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 76E9 0
0 87ms
86ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvG0YUHrRBNMV5-7o8GJ0A9psWWoXK6lmP3f-fEcsMTQ2RQ1ArgDGlyYgtPHmj56Ze_ePDhI9jgI0_a6fTaHkf61OFGQ
Requested by: Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76E9 179 KB
56 KB 274ms
99ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 76E9 23 KB
9 KB 105ms
104ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 22:19:12 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D188 0
10 B 80ms
79ms Image
text/plain 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WWpZ8g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame 76E9 49 KB
20 KB 96ms
95ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 15:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 15:55:31 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9FE0 80 KB
27 KB 139ms
139ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

55533fd78df9e4616bf32edd4f32cdaa728ddce9baf089e7eb27c13a85f6e1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27579
x-xss-protection: 0
server: cafe
etag: 240 / 19560 / 31076268 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:21 GMT

GET
H2 200 B29069693.365363554;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3634947048;ord=1un08z;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCefanNGW7ZOHFF8SogAeUorm4CfT6oLdxg6uZvK8Rr4G649... Show response
ad.doubleclick.net/ddm/adj/N718679.3159GOOGLE/ Frame 76E9 64 KB
30 KB 296ms
122ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N718679.3159GOOGLE/B29069693.365363554;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3634947048;ord=1un08z;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCefanNGW7ZOHFF8SogAeUorm4CfT6oLdxg6uZvK8Rr4G649cCEAEg6OyXlAFguwagAdL4y-IDyAEJ4AIAqAMByAMCqgTVAk_Qun0zuJzTlNtjdvfFAc98W-eH16NJrfzOdON8aKNZ0JJnFdG0QMVO9FDJjlQDSG25KXcL9LVnATAyjqacfCRiK-42AepPiEW0Y96YvN1jZmXnP2fFlTynTUb1MDnsNbmBAt4VMNxumQfL_N11VcJewe7WYKo8MenNg_dNgt6YY2LaD7j-CqIazkcQzvieLARC9o2lGwAfBi-PAt0-_mnlnwtYC0q2OJI_SN_EUhDLYGrPI3YTUImW6ncQSWM-Dv95S-DVwsmoKYoOaD1h3K8f2cWKNcaDi34q8UHNwH62_R3sEQTMS1g0ZZlAeJd8cs8VVq_n-Kf-PJbDyraKUCXNhsR-T3ZWen4Yp1HMQN3v6v-zZgxpf0cpMRKd1ju30UTtYG95iZfibRE9PnzjZ00xuzc2ojjC9PM7MGWykE4reJmbn_XbsOb8TZ6w_3lrn3e7LutLwAS5_PmvlwLgBAGgBhGAB4GI1kOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdgTA9AVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSKQBpAlJWBVgn-Z2Oj3VGGtSIVx2MvqbNzHc2GnFSWyghYpjf5oHr0hSMGAE%26sig%3DAOD64_27JZSp1NemmMTeLUZlVYdhbJEPEg%26client%3Dca-pub-8798765870329885%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=4,https%3A%2F%2Fwww.bg3.co$2,,,https%3A%2F%2Fadx.holmesmind.com%2F$0;xdt=1;crlt=bWsFyRSWa8;stc=1;chaa=1;sttr=147;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

26c2b79f7257833b245afabfa5b0e0a016b4313e1b785f6c302e49f1a9550881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30177
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/ Frame 9FE0 385 KB
122 KB 77ms
77ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

88188519fe77336fb1c2efaa1c64e4e060133a3cbec7faa83e16e6543fa0a41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39001
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125228
x-xss-protection: 0
server: cafe
etag: 3607765217029924898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 18:22:20 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9FE0 27 KB
12 KB 321ms
320ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3984386694879697&correlator=3554225195460502&eid=31076268%2C44797784&output=ldjh&gdfp_req=1&vrg=202307190101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690002741313&lmt=1690002741&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=4u8lra77fk8l&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=255383364.1690002741&ga_sid=1690002741&ga_hid=1664691722&ga_fc=false&dlt=1690002739498&idt=1791

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9f15a3602fade468d5df82692daa0b18a5b24cd99e5cf69f6b509ad2500ea40a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11969
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9FE0 15 KB
11 KB 129ms
129ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

757162372372e82563718d58e7b02c5d1319d40ec0e689669d4468bfc639b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11665
x-xss-protection: 0

GET
H2 200 container.html Show response
b20a9813e2005a0968b4d2b7431dd96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A77 6 KB
3 KB 119ms
91ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b20a9813e2005a0968b4d2b7431dd96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:21 GMT
expires: Sun, 21 Jul 2024 05:12:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF2D 0
0 117ms
116ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=4177753382577512&bg=!39yl3IjNAAZsPphkTD47ADkAdvg8WgIfkuRP6t8nM1Cf-5m8kl-OeydSjEeQmejqC1YKg2bJOo9T1n4SumfhU_5AweIkEHBdMUYCAAAAb1IAAAAHaAEHmQL8kKW4_e4zxDgEawhVqOsd_q_DyrVODbQnQOGOl1qNRB_wSwyEeSYKRs0BZ2znUAN7TDuioBl4UG10ObUVmioil7gNAhdtrgJzGftTPfAb1vS7Prj6zvdC0wlyZWSfoUbWutu_X6xWhGN7BVPN_sEF4f1qDfEzIvv2-b6k_yKnGdf86qYJNvLO8-OHolcP411w5LwL46qFZKx_vpeoHOKlWJp_jqGIuxq0Q5fyreLyYYLZggUd6gcb9qkFo-7mZiw4ytuuzKojMf_cs2UHbX2QpY_x0sgpHz4PBY2ibWOwp04HKpqhQsBCSN-Ku6gldPPU46fSi6ROUqZJoM28MJredJSqzy7q7BN3WoPBgyg2y2GtYljPWQHFkqF5QpB8glgkKXKjqxc6TQ9mprucz5g3ziPgPd6DJErCOL3DJWil-wPm0xFTvRnXT_r1qqR6OekF3-EjrVadUChgROZtYSmFUTajaegYiY77cRWRcYcbrcNwBtF9On5WhvoruoM9vJ7l6JoiiIDaI9ZjgSeYX159RaGINCTRLdv82_gCp5YJZCinVTPSMDyozIXJR_VaiSyJ8rPskaxzZrWux1dulLScWFfsTGVHOuYegisniDsyeGbv74zWCzP2SM7R0-4tZaFuOCDPzXWToXpEL_eQqq9q51SRFjssFZQlocc9guOLtACahtgvsRUZulGunOTu54RrPqiEJNQ7bNaJmQjK8PfsgSiyeqvlKjEBVP7qsPpCUKnWoOG_Z1nFVfqD4ywOqX8JW8CS8o1zkbMzUysm4e2Hr1wRVBjQiGP6HgLm-QuSp1GlY-RRQRFhsmGooFcD3Jnir3bWMHwTxzGwjvg-JYNfQ5dRzO6tX_QtdjazXf8mNecfXP38jtrZajDfNUnWdHcFalCmeq0K9hbVsgdD_d_r7FyR-_u3KWb4R1UwqHOqBfdPSZTlMN7HJkMzcQkSocNxpBuLi5Rr_AyPTij1iun2IJ0Plj0-KDE52UDdAqc3bGgnXycvuEwvEhPSKeM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FE0 17 KB
6 KB 101ms
100ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:12:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 76E9 11 KB
4 KB 80ms
80ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N718679.3159GOOGLE/B29069693.365363554;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3634947048;ord=1un08z;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCefanNGW7ZOHFF8SogAeUorm4CfT6oLdxg6uZvK8Rr4G649cCEAEg6OyXlAFguwagAdL4y-IDyAEJ4AIAqAMByAMCqgTVAk_Qun0zuJzTlNtjdvfFAc98W-eH16NJrfzOdON8aKNZ0JJnFdG0QMVO9FDJjlQDSG25KXcL9LVnATAyjqacfCRiK-42AepPiEW0Y96YvN1jZmXnP2fFlTynTUb1MDnsNbmBAt4VMNxumQfL_N11VcJewe7WYKo8MenNg_dNgt6YY2LaD7j-CqIazkcQzvieLARC9o2lGwAfBi-PAt0-_mnlnwtYC0q2OJI_SN_EUhDLYGrPI3YTUImW6ncQSWM-Dv95S-DVwsmoKYoOaD1h3K8f2cWKNcaDi34q8UHNwH62_R3sEQTMS1g0ZZlAeJd8cs8VVq_n-Kf-PJbDyraKUCXNhsR-T3ZWen4Yp1HMQN3v6v-zZgxpf0cpMRKd1ju30UTtYG95iZfibRE9PnzjZ00xuzc2ojjC9PM7MGWykE4reJmbn_XbsOb8TZ6w_3lrn3e7LutLwAS5_PmvlwLgBAGgBhGAB4GI1kOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbgMAdgTA9AVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSKQBpAlJWBVgn-Z2Oj3VGGtSIVx2MvqbNzHc2GnFSWyghYpjf5oHr0hSMGAE%26sig%3DAOD64_27JZSp1NemmMTeLUZlVYdhbJEPEg%26client%3Dca-pub-8798765870329885%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=4,https%3A%2F%2Fwww.bg3.co$2,,,https%3A%2F%2Fadx.holmesmind.com%2F$0;xdt=1;crlt=bWsFyRSWa8;stc=1;chaa=1;sttr=147;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:49:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 76E9 0
0 311ms
118ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv91oMmJsM0PkBvKvvpeYVr96NJe1MMw99lJh-SkXxCLiQ5FpOrnkgw5e1J8DMs26dVGeWjtKN5PJq80SgqdaCbfmSMdwUljOFBKFyZARALCh_RKgT_n9TzwqKp8_1-77J5Tv0sx2o5LRMvxWcGpIkuVqnehnNIBhY&sai=AMfl-YQQ8PpuxIBtLT5lnG4QLjnbRoboEAGENpTUfhOqcj8LyBUCFB1-914g2MojeA3d5gcf9_QsFlg6vSiuAfVHP4Kd4uKvSPUFbQcsrQ&sig=Cg0ArKJSzP71zn2Ri4iSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230719.53693&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Jul 2023 05:12:21 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 76E9 41 KB
13 KB 81ms
80ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 21:41:24 GMT

GET
H2 200 11321675511950856973
s0.2mdn.net/simgad/ Frame 76E9 76 KB
76 KB 254ms
79ms Image
image/jpeg 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11321675511950856973

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

5f4159204d4f6cbbad27a6ff3632b103b968d4d4f7edf25df83b0bead6884db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:42:36 GMT
x-content-type-options: nosniff
age: 224985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77490
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 18:17:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 14:42:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ED4D 1 KB
643 B 81ms
81ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 55522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Sat, 22 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 76E9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bbfa44d4ff116a4f26e3d7ac8a0fae7caced79595ca8d1f01fa47edbccd0b1c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B93B 13 KB
5 KB 81ms
80ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 04:54:11 GMT
expires: Sun, 21 Jul 2024 04:54:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B96A 783 B
536 B 89ms
88ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

5611aa425bd5b8061d28e252c1fe0b27795e928caa2dcee56bc4d6974d64b1ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pz_kDW3KxwwhDM_Cziw1Jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Pz_kDW3KxwwhDM_Cziw1Jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 05:12:21 GMT
expires: Sat, 22 Jul 2023 05:12:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EBAA 22 KB
8 KB 81ms
80ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 35780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:16:01 GMT
expires: Sat, 20 Jul 2024 19:16:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EED1 0
0 114ms
114ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwXwIZOMD4batFpj79-GPyHcZaTRX4gwguHIC-5XlMcf06jHUm3OynY-7DBElYs7URlJwY_rqr7lK1UkaO1oe5WH1kSUyHfNPzKzy8QnJzEr0hapfK4_FZkSYyyLxomjiDVk6cotZvRDyhmCYiugd1WssxeUv7rSkw0YCCxu7OinukNC9V0IzhjvDtqP0mcApW8l2NSFlNqOBtLpOXyR8q2f5ksbMc5nd3-LNI1U-umjJR7iuk_5VIKQvFb_QGMmVQuTqXYIFKnoq9al3_V_bv60eIqUwWUWow6vxyCozGgv0t-RRYcOuBwWfLP-R1tF8PTY_vqGRUyuNqp2s&sai=AMfl-YSP0pCUXg4N4QJL-drdy_nPOU6kVRnxsX6hgJJViDEqS85GYPSFxUd-5g11mdkd1G8_xdFCWeWpROV21eZRXPbiAruL39EP30f6WA&sig=Cg0ArKJSzDe2dxREU4_ZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame EED1 31 KB
10 KB 56ms
55ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 21:17:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 28512
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 22 Jul 2023 21:17:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EED1 179 KB
56 KB 86ms
86ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:21 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame ED4D 35 B
362 B 88ms
85ms Image
image/gif 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDw9VX16qefKHEhum4euMZE&google_cver=1&google_push=AaAOQGFYu4R3BtopbJWfR8CwkU8OhIjoB87ujDeDrfzkYp76kMIxP_USi27kQBS44H1hQP6Lb4g7o-FdQUHHppUBtaBbu0dHdBN_oQ

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ED4D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOBV48GUbTF0VqiE2s6QBpM&google_cver=1&google_push=AaAOQGH8gc2Yv3nYe1sUNvfo4YLq3hQsTk6I-fb9LrH_Zl_GbNUtdi1EjcU2UE6tPp9GqQ7q2m_ng6g4srdlQ1mEGaPEEaGp1WGf_Q
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA6886EA90E542D6ABDC9BF270D5FD46&google_push=AaAOQGH8gc2Yv3nYe1sUNvfo4YLq3hQsTk6I-fb9LrH_Zl_GbNUtdi1EjcU2UE6tPp9GqQ7q2m_ng6g4srdlQ1m...

170 B
232 B

89ms
88ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA6886EA90E542D6ABDC9BF270D5FD46&google_push=AaAOQGH8gc2Yv3nYe1sUNvfo4YLq3hQsTk6I-fb9LrH_Zl_GbNUtdi1EjcU2UE6tPp9GqQ7q2m_ng6g4srdlQ1mEGaPEEaGp1WGf_Q

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 22 Jul 2023 05:12:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA6886EA90E542D6ABDC9BF270D5FD46&google_push=AaAOQGH8gc2Yv3nYe1sUNvfo4YLq3hQsTk6I-fb9LrH_Zl_GbNUtdi1EjcU2UE6tPp9GqQ7q2m_ng6g4srdlQ1mEGaPEEaGp1WGf_Q
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 21 Jul 2023 05:12:21 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame ED4D 70 B
264 B 118ms
116ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMJL0Qr5TkbK45TCi-ox-WA&google_cver=1&google_push=AaAOQGEdqwg8iSnoGDxIplAdiWshuXF3GShrbiwyZqQBWTXpJgkuyYN69tIfwu8bWxbgapxwb1wqSwex9u3SZQHGPPc7mSVO_QiCCg
Requested by: Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 22 Jul 2023 05:12:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ED4D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGYjhUyB3VlV2OqAntmdJy8&google_cver=1&google_push=AaAOQGHUHtwxQ3r_aSJD5TCLQQIu69QtaMBUC6-VFoxtI9reRSrVbIWgDKfe7QjF-9qvuk8Alr8GzIB6s5o...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGHUHtwxQ3r_aSJD5TCLQQIu69QtaMBUC6-VFoxtI9reRSrVbIWgDKfe7QjF-9qvuk8Alr8GzIB6s5o5aFxT9XtasOgevD4HEA&google_hm=HteGYvVTQgmRR05-MM...

170 B
329 B

88ms
88ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGHUHtwxQ3r_aSJD5TCLQQIu69QtaMBUC6-VFoxtI9reRSrVbIWgDKfe7QjF-9qvuk8Alr8GzIB6s5o5aFxT9XtasOgevD4HEA&google_hm=HteGYvVTQgmRR05-MMZx-lI

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGHUHtwxQ3r_aSJD5TCLQQIu69QtaMBUC6-VFoxtI9reRSrVbIWgDKfe7QjF-9qvuk8Alr8GzIB6s5o5aFxT9XtasOgevD4HEA&google_hm=HteGYvVTQgmRR05-MMZx-lI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame ED4D 43 B
363 B 259ms
85ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEEO4KJhmsFMbLs4ym_iDkD8&google_cver=1&google_push=AaAOQGHhu3pa7tUuyDO4IAyCGPQzcQ35pGhhxODW8VmOLpM3VgDiNBnOQkO6eoDDiiCjg55sxKZeY-93OJy5CgP3PW1rsUq1DGWKfQ

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 209642
expires: Sat, 22 Jul 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ED4D
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEHV944izhQ7TIXDUDapFZA&google_cver=1&google_push=AaAOQGGZAC3wCMjRmXMzyZaL8pu4pzdT-tTOiBZGWAknwk1HZUZLpNy14n67RkVrypfwDxtd3RLPCRSLWNs1Ozqz...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGZAC3wCMjRmXMzyZaL8pu4pzdT-tTOiBZGWAknwk1HZUZLpNy14n67RkVrypfwDxtd3RLPCRSLWNs1Ozqz1-svgZcz-JgJWw

170 B
232 B

88ms
86ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGZAC3wCMjRmXMzyZaL8pu4pzdT-tTOiBZGWAknwk1HZUZLpNy14n67RkVrypfwDxtd3RLPCRSLWNs1Ozqz1-svgZcz-JgJWw

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 22 Jul 2023 05:12:21 GMT
via: 1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P4
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGZAC3wCMjRmXMzyZaL8pu4pzdT-tTOiBZGWAknwk1HZUZLpNy14n67RkVrypfwDxtd3RLPCRSLWNs1Ozqz1-svgZcz-JgJWw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 3-XWxlB_p4BJN8YtPcRxLZTQIOTui_1S7sDQzlRb1z8VXaVdN1ymag==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ED4D
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELnx6jttZ...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELn...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=cd51038f-2944-49a9-a5e9-d689c33ad896&%%GOOGLE_PUSH_PAIR%%

170 B
232 B

92ms
92ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=cd51038f-2944-49a9-a5e9-d689c33ad896&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=cd51038f-2944-49a9-a5e9-d689c33ad896&%%GOOGLE_PUSH_PAIR%%
date: Sat, 22 Jul 2023 05:12:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame ED4D 0
139 B 252ms
85ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyqC3TS8mLh3jPT6VDINv1Qm_tQOC-ug61KhuNot7V2Z41SXjytlc3_yK9_47yqOmEk6Psyg

Requested by

Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame EBAA 37 KB
14 KB 81ms
80ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B96A 0
0 114ms
114ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307190101&jk=3984386694879697&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame B93B 37 KB
14 KB 81ms
81ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame EED1 80 KB
30 KB 279ms
84ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 357M0PY7STD2R7JC
age: 482
x-amz-server-side-encryption: AES256
x-amz-id-2: /PvFQMQeF8+tk5Ae3YIpjaEuYc/21XXOJeVOHUqCpE9+sI0EDH4oTY7KFXgftoQlbDmZ/+Npzus=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame EED1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9c8496ff943b8fb9f5a0db6eeacf962672ece3c148ceb444dccd351d8f90f7b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 76E9 0
0 120ms
119ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv91oMmJsM0PkBvKvvpeYVr96NJe1MMw99lJh-SkXxCLiQ5FpOrnkgw5e1J8DMs26dVGeWjtKN5PJq80SgqdaCbfmSMdwUljOFBKFyZARALCh_RKgT_n9TzwqKp8_1-77J5Tv0sx2o5LRMvxWcGpIkuVqnehnNIBhY&sai=AMfl-YQQ8PpuxIBtLT5lnG4QLjnbRoboEAGENpTUfhOqcj8LyBUCFB1-914g2MojeA3d5gcf9_QsFlg6vSiuAfVHP4Kd4uKvSPUFbQcsrQ&sig=Cg0ArKJSzP71zn2Ri4iSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=381&vt=11&dtpt=379&dett=2&cstd=0&cisv=r20230719.53693&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Jul 2023 05:12:21 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 76E9 0
0 121ms
121ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClAVtNGW7ZOHFF8SogAeUorm4CfT6oLdxg6uZvK8Rr4G649cCEAEg6OyXlAFguwagAdL4y-IDyAEJ4AIAqAMByAMCqgTSAk_Qun0zuJzTlNtjdvfFAc98W-eH16NJrfzOdON8aKNZ0JJnFdG0QMVO9FDJjlQDSG25KXcL9LVnATAyjqacfCRiK-42AepPiEW0Y96YvN1jZmXnP2fFlTynTUb1MDnsNbmBAt4VMNxumQfL_N11VcJewe7WYKo8MenNg_dNgt6YY2LaD7j-CqIazkcQzvieLARC9o2lGwAfBi-PAt0-_mnlnwtYC0q2OJI_SN_EUhDLYGrPI3YTUImW6ncQSWM-Dv95S-DVwsmoKYoOaD1h3K8f2cWKNcaDi34q8UHNwH62_R3sEQTMS1g0ZZlAeJd8cs8VVq_n-Kf-PJbDyraKUCXNhsR-T3ZWen4Yp1HMQN3v6v-zZgxpf0cpMRKd1ju30UTtYG95iZfiLxMcrP1o2USKBWXVRk4WONkeOuG7vlbzjGXtSzN1nMrkzjAW9sJVDosxwAS5_PmvlwLgBAGgBhGAB4GI1kOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCgmQLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMD0BUBgBcBshcfCh0IABIUcHViLTkyMDg3MDgxNzA3ODMxNDAY7fGCAQ&sigh=GGH0xj-iuOg&uach_m=[UACH]&cid=CAQSKQBpAlJWBVgn-Z2Oj3VGGtSIVx2MvqbNzHc2GnFSWyghYpjf5oHr0hSMGAE&cbvp=2&vis=1
Requested by: Host: b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
URL: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B93B 0
10 B 80ms
80ms Image
text/plain 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yPFTGA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBAA 0
20 B 118ms
117ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt_NeNWW7ZNLwFuixx_AP0fSAwAcAAAAAOAHgBAI&bg=!TU6lThrNAAZsPphkTD47ADkAdvg8Wr51WOUG9SPNVjvDfTaiOKr3ytve0cz56MkjTTUfMSu1oBBb644wTmlHluVHBioAQXSqrnICAAAAyVIAAAAHaAEHCgAEbVQNq5kDQh6vdPsYLio_bEecS0UAq6KNuT1-bDPZ5iYvKeHgJG4FQGFR1slea5yMu-UTfEcnSlLVv04ol3YOM75QAX_UTFWCZbsyhIc3iiyouR-Nzd4Ps2AHMgaQF75CuYyBye3Gue7oVfM-WHkfEcLeBRvX0HGDhkVw8tONuh7nx8574ZF2g0Q7b6fOB3b5hxF2FulhRV_5VeKfaQBL1gLap_SyAqHX2VHLB4P_tSoYeikjtmlbYDe51mFmN4ql1TDzAXkjlX5dPLsESOD7ZtgmulMkoOpgUh9jQaCPTDkKsrojFg8DLdBaDNMgKqWjwKpD-vi8nt_nqWV_1qEtRiCrWnoKNmtEavOwfCvBFigC-c-VQ53r5pC0WSAdaE5tCs6i_KyCQ44ujrarpTizBHeA_-VgV6Oh_cUNgmPTfFFUID_Tz3Sp7ewR5BbXXASoQfQU7TT0rsITsMvZ-pKYAcZeMMac-hAid-oFyT58xoG8Q_kDZotSkFH1wfUFgh7eag-Ty6AdJRalPj6JIZNX2taYaY6yyUE-ZE7lQsGUH1D-kOrUYWz3nRbYkqJ5tr80af61ht8wD6Qo7Nf2b00DfzOx2saC5yXt8mb9Bf46bxeBEwe0SBJAn4NuZF4uIR0_GLtoSnW9kH7HP2yCSKdteQTrlXxA6nkum_BMkHznnnbGYX5HMFPZFQkQBcvGAjqogrxr85O-NlJ-FFsFRH-gGN7Rl1jvIQIFuJBEkWyGKA7KkAKriS3mQsroPlRiMEfdqolTI70xGrvO_JOYjNd4pRm8ULSYN8sXg4wF36AkPuIoA5huzZPpiPeCd_98aKEtobhqnKYYAsig4vTEJPu2jYDtxaN--Yp_k6Spe1wsXN-JU8lmuK1sWPuXtjHejQbIeAvrPVj7NDEnCn_-tL0F8GhvR3lg7wiMwK8tvyR1sNynzoag52fxY7XwgMOPLp1bJkD806SYRFHhvWm6tb4RF3p7_iRMTVTyPcrDzzjnxtLx7QcoRffDTYVVG9qktSsezesCR82AvJ8ZAzX_dxosLUALqbDPwMB_4Zefo-T3bg3t5ylPEiwPt0z2Ay3urei6Gdi4z5d0MYkgnEVAle5vdiTTPyotcjUovA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame EED1 290 B
615 B 304ms
99ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sat, 22 Jul 2023 05:12:22 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 11
x-xss-protection: 1; mode=block
x-request-id: 4de6d5a3-79da-456c-b5f0-35f73fb0b4bf

GET
H2 200 b
geo.yahoo.com/ Frame EED1 43 B
366 B 285ms
90ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 2
content-length: 43

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
782 B 122ms
115ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690002742350&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1534&pt=-1114377771&tz=0&viewable=true&ddast=V8oG4CLAb4GbqrbWvCKBLwM3RX29aEUSwAAABgYID-AEm5jLPVzGJaC1eL5Vq0WxnXytVi5VaOTDaXbWYxjiyrISApl3G2mllMa-FqsVyLdivjWrlarNzKkcnmss0sxpFlNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZNaDodPte9Xvf73SU-z1zj9yv8QtfDLXfY3VKn3a31231uyfL1cmuOrqdb6He9pU67zy12uhWDtWS5fLqVr4fdLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwCoHA3Z6Ln67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZKOr9gO4MFKGSAFyEUYAAAAACjRdpY5M0gkqFlX-___7rQBcAQAISOQbEDLNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIY1wpDTBE1wpan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSFgWM9dgMzFtVsuVY7jcDBYWk2fmmRgWNstqstmeTTgKgzQOycA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGaxeZyjhWMtmTg3a9HEMFsrfLPFWjHx-CYOm2MxcRnXotfHdLGYVg6HzYsEA6r2InlapBPhambxuEYuy8S1shhnzuVoZJp4jBvHcrkxjhyTiViiOVmkE9ll37AsZq7BZmLarJYrx3C5GSwsJs_MMzEsbJbVZLOvWWwe52jhWEsmzs1aNDHM1grfbLFWTDy-icPmWExcxrXo9TFdLKaVw2HzN2bLwWAw2W1W-8ZsORgMJrvNat-hM3xXn7NRWVZJPjqXRHV5iG1Og8JlsHif34s0tDPajD7NV2JRPcU5z8Qq9Pv9fr_f7_f7_d6N2eAxGAwzj3abGLv8ms1PedR4DwZFLBFcpBPBw-x2mF5uic-z8VvEEqXpIp3oFX6h6-GWO-xuqdPu1vrtPrdk-Xq5NUfX0y30u95Sp93nFjvdisFaslw-3crXw24Xmt5mi1giOF2kE9HLeLqo_4ih5orVaK7YjebCySoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EYjFx_____-MAAADIyKEHAABAvw8oCwAAAAAA4B-ACrFWq9XtxlqtFg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a8ab76e93873a39ea087323760a6de4b151d6c4222dc923e9fe011c2aca89632

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:22 GMT
content-encoding: gzip
server: nginx
machineid: 1433
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame EED1
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

51ms
50ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3054
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Br6rTirtnrX%2BGjm4xFVn1q%2Fbn%2Fpvv2Xqz7FsQuga3%2FbMFBFk%2FZbbBAzT743UxqkKA0gRzMIxY7TpoUE%2B3Wz4jkklE7ehADH6Hts%2FXiVWlR3xMcHwXRg2xQJf67oYank1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ea93037ad2f950a-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FE0 0
0 119ms
119ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307190101&jk=3984386694879697&bg=!T0ylTBjNAAZsPphkTD47ADkAdvg8WpeOyT3hxGXlkjT5fYJe2Pff8u2rzwbBhzui50UCp9Bq_yEASIHABU-R_QzInBAeAMmGpywCAAAAtFIAAAAFaAEHmQL2-A-pdbfNMm8bIh_cqTCfp2vy1c22fR6sd38B_tu6bGLsqHyCVpEVlm5L6_T1AIuALsqbk56CCZt3vz1LSFgdOhkVUfhf-lsCL5vFozEZQnuvTNffL4mls9tTOp0PIDLr4rNXVapXM-IUw9FZyYjsEhLNrcvHWOOAElL3VeOyoPRV7DkMyIVIaKlvvM68Mn0nAGsqcp59NYi_vv32zBS3aWankR8C6WdiLGozF6Kq9adUxkdb7pWuP_AOREk_jGRnAExuUTLm1yJe5W_DFSTlkg9RbM0qWRVVfoArhdtHFCz2srqs42b8oIB617KV2jEc5frAKfj6WLuJWrnnl2205ZbatxefT8jqm_wTZVLRN6fsPu3Ndl1glfYzO4hiEY3oblOmWjAPt-2-f_Fkad0AhGzaiIYQ36bRXEXiBu3hL8fZvC4aHpmGrXWsyrEPrjwmNCi4NvM-t-9NdCS3a8VWywG7TZ1IVE8kdCCgogy78c-UzR-0nbJgyoDjIAVoJsWVvHZTGjuyh2KIUjgXahxyKSEeCZIsTpRExVFYbyGeVQJiCUa63G-K5mTmEl1Mddten0LRXI7Qj9RITHVAShdFATAosVJwT8ldeUX5E5bFsiG2VWQ2jFJRCj7obtZTlGJBZ4UhPZPEZ81Le6furuHmjvBFp06FhlO9DFpUOh5nUGdI_FXL1Ba9bkBw6Ir4GsjdmlkozggT7oe0kmICh4kHYUrz7SZkqAe4GxnpueDztsQJCFGmJnxsCAV-TjG4BHJGPxQyX-2NpWDnQYOH_R8tfg-usXUrIGTPIacMYIulrGKONgukdqdWrOjZ9AkoZaLSMw8R5TC4kcIxPdR_wNhuQObhs3QezKOK8H5oIEQX0UhYFD-2kO-YHFwUcXgbHk2sJCoQP6GqeLO4tmAtogErQIyOGW4OLp4_N3hexGpLYaawhszxdAQsmlJsIa3HdxgnrjXiQU3e6mfjDbN_uBnCmLN-lOgoFhJk55ofbSn4eMd3azZkBb8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 76E9 42 B
64 B 126ms
126ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-mFy7f0lhYFkLUvj0mGsqON1sWi-84EdP88-RwC6FeytLfxHha-W_ZCa5QE_tUkjObCvv2Mve6VL0LeQ3a_hdjim6M5HZ9VGvQ7pb5RHyLO07SqTMxP83tLZXiLodgyuAtIgRHKKC6vmv3sMv1xDJgxL8mxb97axh2SCQc0t456MZPqTlcNtACz0UHEZmUnm4ZguRNfeA8JuvrFK8D4OrFtD9y9rfnKjMXJoULbys4R6ANbbHDxYfXYx8lMHKgMxhFO-Cai_JOlFYOr8QaT5voduUPiCEm1ZZIFIQb7JFcL-jF6Rtqivmsitl8Iyp2fW5YYMXQe1nZjIxzj9Os5RDZBxHoDNSj5nagiK2ssgHZSzWL21KWtu48PU36142NHKZAYGP1E1ylHEOCAq7GWBunqyxuA2p7uCITPuOfRNMsE523mAjMmPJqI1FGBYkLpudUmCPSxF1J6ceGAlX0XyFeiTmV06B8RJKbpUsbcZAoakXFrQwhVHCjI3VN_l03u9DcTcVY4onzjSvrxKp41PNXPNwTjPHPoxMcs4uxG9a12BiF69AA2Op4Aq2o6mC9vnFEn8-JmtfdWVzcU1GA9g-_timmNu_Z5amWQN7a3gCihNR1WoyUoDjc060JFqInaZJFMP1jAWvw_7Vkv9w0yjkspqxE1R6OA1-uTI-uz5Y4tQTRP7flQlD_sqBpbyyMv_IXpTKjlRszGVPs_u1aRGyTJh188tofHFKtFWL9tO4N8C3Y4RFCFViwXxY0ZRmtRsYvy8FZx21j7EIW1G2MbMkNwXSkaoZp1Tg4Kb7olh_4smDkJrZ0Tc_NiIrQ98PaRP2qNL_LECho9zyJhZvYVsSxO-yaG_BZ-8xTqjw05ZpAbqfGnBcfZiQdmdoqTi5FBexPF3vHyw6mAE9WWbZ65sXwvNbDublG80fF-R_UWMw9nu-ba2zqJyiyEMDE-GgHfGgMoORRXskuWdpecYIeTTUMCi9xItZ5Eq09sG84r9lgeeSltin31BZYEolNgCUL6vO4-NK33upTMcsByBx3M20Y5J373vlqpB8HwIzKXdIdynBqkcCnJPZ4waW-h3bgP2rI_UknX_jiMH0o_qy-5f5uqrLE8etJObObdYg8aIN5v560TtCe8P5gjNsYuKzbVjzqKNq4WVuLLVyJEPZSbt3dIW8ZhITnN9mOy1w9gDb5ZRw6XBAYuPxDeAQUDNhfJv39fc&sai=AMfl-YSaMByKJOdtXEiZ5MMIuXMR8ImRo2ejGelevS4P-LLneGcPu9uCjjEF9UYDCdgzAIWxg_OT5ZRcoUc2cVK-D2ppdmnOfWU0vf5_EXieeq_pvOA8jBZD&sig=Cg0ArKJSzOCNiA9kN2-YEAE&cid=CAQSKQBpAlJWBVgn-Z2Oj3VGGtSIVx2MvqbNzHc2GnFSWyghYpjf5oHr0hSMGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1911528252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690002740646&rpt=1250&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 76E9 42 B
64 B 115ms
115ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstclVlvFufLvAuH8C-f5c7-clLDw9qTae1aBt9fmQxwirICIJhwlUE4X1B6f5fkzqLn03RRj0V-IiLBC5nIG69aM8Q39N8P&sig=Cg0ArKJSzC4aBvNzRj09EAE&id=lidar2&mcvt=1003&p=0,0,250,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3634947048&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690002740646&rpt=1256&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame EED1 975 B
751 B 59ms
58ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4735
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFvIaebh7SPdent7XNrtCuP7lf9lgCAO5YYCiPbj35iA%2FgywvVZI0TFoLAx7Gysij5wj0p%2F2WUuitcq4MOFSTR0DQj6%2F%2Bip1XOWYna3RP08yw%2FxHQ4qby6BTI6IG%2BW1DzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ea930381d68950a-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame EED1 638 B
1 KB 549ms
245ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.549152603985422&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 05:12:23 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: e829b5e3-22a9-33af-b0c8-29ab84501113
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EED1 0
0 285ms
119ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRGqsOJnVTaiNaqDxXkBs5bAZ20fUXlTEIxrCIwpWAqkPz_EaWaxdItIfU1ZMec3nbWQI-UrS2GLfxphPbkiSAALoRxr6mJaEz2a00eKm-aypsbnlizO7dDtlRe04H3dhHnJgcC1DjeLfK40hwzXe8nuxI3jesXF0_RPF1e_PcEGCatugZdaNqnqM0g_4iCIrhbVcOtXoxiEUhT1sREzFHPRQPY8sRDANAMbQEQx-abvqgtdodDpKKTgQXmwZn-kcZLOq0raBRZWS4aiERbRth7H3ENJv36xn8zAjH6vqIQrlVN602042WA2gDVEsviPlgLgyu18XWwSJcoc87yA&sai=AMfl-YRwuZuo4VgIXS-Q2WELLWQNHYdV8RV4XVdpjySe2HyVtLgJ-bDFKNysDWNf31HI4JAkDfgRXFlLu5RiTPdBSRnknmn2F4mKf_JFJg&sig=Cg0ArKJSzITxyn0ZIF6jEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Jul 2023 05:12:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 75ms
73ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37j0&_p=7686&cid=1993169309.1690002738&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690002738&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-nan-jin-kong-2yue-shui-hou-jing-li-10-29yi-yuan.html&dt=%E8%8F%AF%E5%8D%97%E9%87%91%E6%8E%A7%202%E6%9C%88%E7%A8%85%E5%BE%8C%E6%B7%A8%E5%88%A910.29%E5%84%84%E5%85%83%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 05:12:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
254 B 165ms
164ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?route=IL%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 117
date: Sat, 22 Jul 2023 05:12:23 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 107749
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690002743.311697,VS0,VE117
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2458 143 KB
49 KB 129ms
129ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50561
x-xss-protection: 0
server: cafe
etag: 4358175750960622773
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 05:12:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/c03399bbfecf17d7a847e521591ed65a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/99d740ca6e44aec49ad044f648f70962.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/4f9eae13ac0384f284ab75c980b15d50.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/1009b022bc0c8726ec5251eb92019ae2.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/df21e45190f32118d0d1c295084961dd.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/ac2807dd3c6aef9609dd375ab6ffb1ce.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/039e30df3e0163c07264fcb620e00463.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 22:12:18	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dfbfc94a1-2b93-4b06-a761-1bc7baf11be8-tuctbb4eaaf
.aralego.com/	1970-01-20 22:12:18	Name: sspid Value: e829b5e3-22a9-33af-b0c8-29ab84501113
.www.bg3.co/	1970-01-20 14:09:54	Name: _im_vid Value: 01H5Y06HFVTRNBY5HY5ZRVX2Z7
.aralego.com/	1970-01-20 22:12:18	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:12:18	Name: gdpr Value: 1
.quantserve.com/	1970-01-20 22:56:57	Name: mc Value: 64bb6531-14ddb-f3a5a-b1ac4
.bg3.co/	1970-01-20 22:51:11	Name: __qca Value: P0-1907315616-1690002736542
.bg3.co/	1970-01-20 23:02:42	Name: _ga Value: GA1.1.1993169309.1690002738
.bg3.co/	1970-01-20 23:02:42	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1690002738.1.0.1690002738.0.0.0
.bg3.co/	1970-01-20 22:48:18	Name: __gads Value: ID=770b74f8e1b6aaa9-2225b7cad4e20008:T=1690002737:RT=1690002737:S=ALNI_MYC4yyhPNRhWzjdq_HUL4IDkdZj8w
.bg3.co/	1970-01-20 22:48:18	Name: __gpi Value: UID=00000d003c176b9d:T=1690002737:RT=1690002737:S=ALNI_MY9-g4y0IJpW1zOoZwdZ9kH7x8sBQ
.mxptint.net/	1970-01-20 23:02:42	Name: mxpim Value: R33647_106323951_127BB86FB.1.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064BB6532
.adfarm1.adition.com/	1970-01-20 15:36:18	Name: UserID1 Value: 7258506494163810449
.adsby.bidtheatre.com/	1970-01-20 13:36:47	Name: __kuid Value: 1838356e-9895-4a89-9fd5-ddcd8b32449a.459216739
.amazon-adsystem.com/	1970-01-20 19:32:28	Name: ad-id Value: A65GhV6DEUlch1Na4CMvn6Y
.amazon-adsystem.com/	1970-01-20 23:02:42	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-20 22:48:18	Name: IDE Value: AHWqTUmt5wLvbGjSQ9lxAUA48-DLMcDKhLAcwfC2gPWTFYTW4x_pzVH0LCFlgfimpxE
.quantserve.com/	1970-01-20 15:36:18	Name: d Value: EHIBCQHDKYEA
.ctnsnet.com/	1970-01-20 22:12:18	Name: gid_CAESEGYjhUyB3VlV2OqAntmdJy8 Value: 1
.ctnsnet.com/	1970-01-20 22:12:18	Name: cid_1ed78662f553420991474e7e30c671fa Value: 1
.simpli.fi/	1970-01-20 22:13:45	Name: suid Value: EA6886EA90E542D6ABDC9BF270D5FD46
.bidswitch.net/	1970-01-20 22:12:18	Name: tuuid Value: cd51038f-2944-49a9-a5e9-d689c33ad896
.bidswitch.net/	1970-01-20 22:12:18	Name: c Value: 1690002741
.bidswitch.net/	1970-01-20 22:12:18	Name: tuuid_lu Value: 1690002742

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/ac2807dd3c6aef9609dd375ab6ffb1ce.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/df21e45190f32118d0d1c295084961dd.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/1009b022bc0c8726ec5251eb92019ae2.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/99d740ca6e44aec49ad044f648f70962.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/4f9eae13ac0384f284ab75c980b15d50.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/c03399bbfecf17d7a847e521591ed65a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/039e30df3e0163c07264fcb620e00463.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvaHVhLW5hbi1qaW4ta29uZy0yeXVlLXNodWktaG91LWppbmctbGktMTAtMjl5aS15dWFuLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0e0640087ed608f1fbeaf89920ca7455.safeframe.googlesyndication.com
97c8ae54f9c6f09a7b6fe57c6caee352.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
b20a9813e2005a0968b4d2b7431dd96e.safeframe.googlesyndication.com
b6e17371a5f8504da6ce025359235321.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d-27996936491020871064.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.im-apps.net
dsp.adfarm1.adition.com
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
gcm.ctnsnet.com
geo.yahoo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsby.bidtheatre.com
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-apac.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
rbp.mxptint.net
region1.google-analytics.com
rules.quantcount.com
s.ad.smaato.net
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
static.bg3.co
103.231.174.251
108.177.15.156
13.114.150.222
134.122.57.34
141.226.224.32
141.226.228.48
142.250.181.238
142.250.185.129
142.250.185.130
142.250.185.162
142.250.185.226
142.250.186.100
142.250.186.102
142.250.186.166
142.250.186.66
142.250.186.98
142.250.74.202
151.101.1.44
151.101.129.44
162.210.196.208
172.217.16.130
172.217.16.194
172.217.23.110
172.217.23.97
172.217.23.99
172.64.202.13
172.67.71.254
178.250.1.11
178.250.1.9
18.173.187.51
18.173.187.9
18.66.192.85
184.30.22.30
185.106.33.48
188.125.72.139
192.96.203.13
193.108.153.12
193.108.153.15
216.239.34.36
216.58.206.33
216.58.206.40
23.36.163.114
23.56.202.187
23.97.225.52
3.233.155.176
3.75.10.195
3.75.62.37
34.120.96.193
35.186.193.173
35.186.215.140
35.204.158.49
35.71.131.137
38.98.69.175
52.95.126.138
54.217.214.211
54.249.104.171
69.16.175.10
69.173.144.139
69.173.144.165
69.173.158.64
85.114.159.93
87.248.100.137
87.248.119.251
91.228.74.251
99.84.88.35
01a5dd131c20db2b3c0ad38680265ebd5f15a3991dc695f6cc4ba98c4fbef1d9
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
023ac31659289739d9c0b48b02911f30f61cc50ae2f3fc8246b7a9ca222f5318
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a56e33afd17c0b2631e84ea4fd102b51ec395236c1669f5c087e7782d24e67
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
13e129432b94a6ee2d93a2dc1c94a156941b54a13ce78ff95263fb664ae61276
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1603743989f6b5a42ae1bd409ad120b87d9f50f02392316e3128b2894626510f
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18f6e93b6e1ac6b3971bbf06396514d80559a3df081ae53f7f59860b878d6e91
1a3b1695d400c89a26b8ca52d45b00296657628570885225b647aae79a0d6232
1aa3ca37578bdd849c8594804316eede373bf4a8ca2eb50e568fa7503aab83cd
1b771e6b9392f5a4e0d3ec1f63f18c0d7d93e798db9e1b7772ae64d665deafe5
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1e75c734d118fd68144baf014cf587b642e2836f31fe3c17f9d777a60f5be8e1
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26c2b79f7257833b245afabfa5b0e0a016b4313e1b785f6c302e49f1a9550881
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2bb608b662fa6f0e937e5311e9c4dfc07498c307dad6d64092db5922322df301
2bbfa44d4ff116a4f26e3d7ac8a0fae7caced79595ca8d1f01fa47edbccd0b1c
2cf97be90d1f77fac061c4bc519584e8fc6b20d15d5a2463d42d65bdd0299adc
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6
31a9b23d7c28a75109677875e40c9578a55301fec47cd4aa80b9879449d2bb98
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a2cc9ba97d60295e697ea7a430ea4ac8efa5e5f1bb22b24877eb2ae69ab6bca
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f0a771d95f6c92a91c4b218a0293c4abe3a4cab77432cb49e0380f117f4523b
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404d261844e904fded4699e21132fb63c0b4d63cc08aa4b75399013de27205d0
433658faf7facf0548f3eb7d72a57930fe7a68ec8cb3f6b50a1db69128d4f618
43cf7cb66e2f85b0c2a8f28960206a838d9ae94f8216912ee14fa1244075b96a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a46d7ec73a1870c7eb4b6cc414d1403f608b75ad3f7fb7a087ee6a33e888088
4ae2a06a20497b4f5d370f5f9953a35ae67c35e24d4723d7d156b90ce5769da7
4ba2a5f2d74cd9941d09d0da725f620af02aabea20a8f489391240df67552615
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55533fd78df9e4616bf32edd4f32cdaa728ddce9baf089e7eb27c13a85f6e1a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5611aa425bd5b8061d28e252c1fe0b27795e928caa2dcee56bc4d6974d64b1ca
566c85a77f202d9227ce3ec85bcacb79a0970b5b688e43375972cde28883a497
5710f1610a5dda4b819f30d9879c84aac2037793c887e032d3f6e5567ceb8bd9
59474dde19ca46b382b25a0bc65ec8c17aedb39df6070203091c0b215465de9a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5a665354e817890ceaa48988aa784f59042a95e0ce3a239cf9d10379c65ce3fe
5a94c88a570ff153de36e99c25041997a49b38cd9e8d0fb71aa9382c8396820d
5d3951cf87577b414a3b59999c0d83a6186dc59614fbed8a77fd1846a18abda1
5e296f2d894e947198c70f56e6e6417abc3e8bc9b3e8b11ade739803d7cf7ffe
5f4159204d4f6cbbad27a6ff3632b103b968d4d4f7edf25df83b0bead6884db4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
64a81ccc856feb0e26d002c2804b8b9363ebeacbb175242ce165a1ec795934c8
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
697a485d98d08e27bff197276460857929881b7ce97704e5ca58da9c244113b1
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6bb97a6170bd781e2166ecc1effe2c72c565b734036c3ca3056b0b3cf9b48cd3
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e568ab54a5e6185ca452073b289084b9a955fa13a19d2f4ac43550c99854e07
6ef1cf075dbd0d280b41ee4c1eb5111fbb83ab748a38716b5aa89b517508913c
6fea0c1ead178c609f1164630ecda6668d468c3b139af8b6291185c3596bc9be
757162372372e82563718d58e7b02c5d1319d40ec0e689669d4468bfc639b463
7619ea2f1e016910a5e69cf4e06778ee1ff2dec1b6431b2011407a6d4f206318
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7a9c74893bef37552b92e10bd29b691209b986e705a6242e56b9065810bfa859
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fff78c5d7e7b3e7cbd472dd007f835447363b8841c0e683c347c7488df16518
8002c55792af35fba9eaa7258ae38a1c16b2759d0436361779ac4ff915c56180
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88188519fe77336fb1c2efaa1c64e4e060133a3cbec7faa83e16e6543fa0a41c
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
932e6dec5caab7bdec544cb9a595f5105f8a3279e4d943be595f15bab07f43e0
9360c0c71cbd87b2b1483b581be78149a6106088345eaaa14e90d1945df81136
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9626f903381a5c82cbe13b3aa08acc080cb879dd99e43286a2de79b17d443d27
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963
9dcf8abf06f74792caf9b0eb75556568165e119a2273611136f0436d652cdc45
9f15a3602fade468d5df82692daa0b18a5b24cd99e5cf69f6b509ad2500ea40a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2bce0af9652e7760c9e3716520f6b582780000f30617748e482e864af16cb02
a2f63a4e15c229a5b68d93bacb7f056e34d7f76c9308a48698b116f98aec5dd8
a3d3dfd46fa4833d6953004333dd6239c72d056cba3113e335920f775424fca0
a404c4ae9f691b4e335bba4de87b8abf550e7f10eec2ac18702257ba6ea88397
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61ef9e6f4a967672e4461a472ca4340cb336bea5c3085e1d4dfc3ab6704c61d
a620f147a8af1ab14e6499422bef088a2386887ac3ce081d250d322a3184d50e
a6c8b61553423d1d3901d44b5b6a671c9fb683a16d096c93cf73f85bbf8ce9b3
a70017ea41dc9f934ba43b617d168f160b940074a7dedace607efe6afe91cc9c
a8ab76e93873a39ea087323760a6de4b151d6c4222dc923e9fe011c2aca89632
a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c
a93860bb505029e6bcfb78ca9de8af498a3378aa64b2e515cafd9ab6ecb2bacf
afa8fd95e1c43f528add92ba2fdca929232671f6db803b744d796c3e99fe20c9
b113baa1a8a720263c51ab0c3866a585f75aaaebebd156e7991b7dd03b670e1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b393065f31b0140779aab2af150e1e39c75cddd31a0ef18a72d6274c6d6a06a5
b4c05ebc89dfddc0f2d656e791ac3b5fd3339e1b56939bfeccd1f94821cd6fd5
b6254a4a16a3e6d4818042ae58d978e69b6bd8cd6a856b028c0eaec63a83b7de
b80db6d6bc640d4783d24271b30f3064d740941e838b4561eb9d1f553973376e
ba05525a0ea539b70649de4e9e03e5100ae3fa37a76dcf49ab538a6a46fb680f
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9
c023bc2e998dd1817f11b5a58845da05067a2f79d734e3e45f61a6b898bb1ac0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288
c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628
c7868c4a497dcbf5f97d2f2e8de58d03262dfc59426eeeaa86a54b7f2e0ea190
c8f1724bd314bb1545a4155a2a52edcf6bedd5717cf18fde816f9979e8fc8abb
ca9d535ccdbcba54485c8601295e6a865b62efe0937c9c6b0d3f5fe31adbc054
d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c
d4157c995bbcc7922e7e1df182e85408f57447d55f7beb65fe115ec389781be6
d59faa902f69473e25422dbbf653941a9c10e96bc807e3cd317aa498a451a0e7
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
dc23b4ceab3b70521bc14214b10fac493b43dc1c4039fb624654211999ee1979
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40bc92d1ba06c13ea9fe286ef0f27983eb4c893367e1dc57704083730651dbd
e4809703efa16fbfc2b47af8a956f881ac3acbe51285d2aa3b48cbad2ae80b8d
e6b0cd18b22c828262a7d11f4e7b8608f0b9d1868f819b03530e34c10f8f58e5
e8e7f25e76923cdf5e3b0bbc96fab3e8d08575d2f87c478e23fb8e98530a9d90
e9c8496ff943b8fb9f5a0db6eeacf962672ece3c148ceb444dccd351d8f90f7b
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef21ad645fcdb18d305ab4a3195a493252273b214acff6b4d712fc957806adf0
f3779f5586454c26dd37e8267e0d0776fba8567a8930229f2d754b0b690f0e72
f3c879914d9a82ab04ab0c71a0742118ce04a623adafef82fc991e10ce0e1adc
f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8fb92c80a478c3a65795616335c2067b333034ad6dc46c0730744887de9d10d
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb4c1dd1f55eb400d83c5d45b324b4fc9f027d000feae1244d025f6359e19d83
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

296 Requests

94 %HTTPS

0 %IPv6

40 Domains

81 Subdomains

56 IPs

9 Countries

4822 kBTransfer

12167 kBSize

24 Cookies

31 Outgoing links

Redirected requests

296 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

296
Requests

94 %
HTTPS

0 %
IPv6

40
Domains

81
Subdomains

56
IPs

9
Countries

4822 kB
Transfer

12167 kB
Size

24
Cookies

296 HTTP transactions
3 data transactions