www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Submission: On July 28 via manual (July 28th 2023, 7:56:40 am UTC) from US — Scanned from PT

Summary HTTP 310 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 36 domains to perform 310 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
5 14	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	104.26.5.103 104.26.5.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.16.202.106 2.16.202.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.16.202.84 2.16.202.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
40	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	13.112.76.83 13.112.76.83	16509 (AMAZON-02) (AMAZON-02)
42	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
8	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
16	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	91.228.74.208 91.228.74.208	16509 (AMAZON-02) (AMAZON-02)
2	2.23.209.36 2.23.209.36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.39 108.138.7.39	16509 (AMAZON-02) (AMAZON-02)
2	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
1	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
1 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
1	18.66.97.30 18.66.97.30	16509 (AMAZON-02) (AMAZON-02)
2	52.198.195.5 52.198.195.5	16509 (AMAZON-02) (AMAZON-02)
2 9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	18.66.97.129 18.66.97.129	16509 (AMAZON-02) (AMAZON-02)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	54.217.214.211 54.217.214.211	16509 (AMAZON-02) (AMAZON-02)
24	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.67.157.9 3.67.157.9	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB) (YAHOO-DEB)
2	87.248.100.136 87.248.100.136	34010 (YAHOO-IRD) (YAHOO-IRD)
2	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
310	53

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.96.203.13 (Manassas, United States) 5 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.202.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-106.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.202.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-84.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.112.76.83 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-76-83.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net

d-17574203392033144159.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.201.255.110 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.209.36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-36.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-39.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-30.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.198.195.5 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-129.fra56.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.217.214.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-214-211.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net

34af83fa38bf7ee788efbd54580df25d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3636cf68a58022317761cb7d726f1fc3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e4ec83603e4a5939a761387cabb89f07.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5876284f9721bf646c3accbb52da788a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (New York, United States) 1 redirects

ASN174 (COGENT-174, US)

rbp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.157.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-9.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 34af83fa38bf7ee788efbd54580df25d.safeframe.googlesyndication.com 3636cf68a58022317761cb7d726f1fc3.safeframe.googlesyndication.com e4ec83603e4a5939a761387cabb89f07.safeframe.googlesyndication.com 5876284f9721bf646c3accbb52da788a.safeframe.googlesyndication.com	971 KB
64	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 861 trc.taboola.com — Cisco Umbrella Rank: 616 vidstat.taboola.com — Cisco Umbrella Rank: 2544 il-trc-events.taboola.com — Cisco Umbrella Rank: 18940 images.taboola.com — Cisco Umbrella Rank: 1756 imprammp.taboola.com — Cisco Umbrella Rank: 13588 am-match.taboola.com — Cisco Umbrella Rank: 13614 wf.taboola.com — Cisco Umbrella Rank: 2645 am-vid-events.taboola.com — Cisco Umbrella Rank: 12767 vidstatb.taboola.com — Cisco Umbrella Rank: 4741 pips.taboola.com — Cisco Umbrella Rank: 1537 cds.taboola.com — Cisco Umbrella Rank: 1770 am-wf.taboola.com — Cisco Umbrella Rank: 15060	1 MB
30	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	780 KB
24	rubiconproject.com 5 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1155 eus.rubiconproject.com — Cisco Umbrella Rank: 618 token.rubiconproject.com — Cisco Umbrella Rank: 613 pixel.rubiconproject.com — Cisco Umbrella Rank: 380 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1195	48 KB
14	aralego.com 5 redirects ads.aralego.com — Cisco Umbrella Rank: 34825 sync.aralego.com — Cisco Umbrella Rank: 3157 agent.aralego.com — Cisco Umbrella Rank: 259927	10 KB
12	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13254	204 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 427	220 KB
9	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1659 www.google.com — Cisco Umbrella Rank: 3	14 KB
8	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466 ups.analytics.yahoo.com — Cisco Umbrella Rank: 321 ads.yap.yahoo.com — Cisco Umbrella Rank: 13862 geo.yahoo.com — Cisco Umbrella Rank: 1344	3 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 18007 e3.adpushup.com — Cisco Umbrella Rank: 18875	277 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58 region1.google-analytics.com — Cisco Umbrella Rank: 1914	788 B
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 96246	39 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 319	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	794 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 62021 sync.logly.co.jp — Cisco Umbrella Rank: 67250	2 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26212 audiencedata.im-apps.net — Cisco Umbrella Rank: 28818	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 561	60 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	113 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 607	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 746	638 B
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 973736	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	916 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	83 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1273 pixel.quantserve.com — Cisco Umbrella Rank: 1017	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 743	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 29387	12 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 350	147 B
1	mxptint.net 1 redirects rbp.mxptint.net — Cisco Umbrella Rank: 4810	696 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1198	633 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	1 KB
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 20002	3 KB
1	ampproject.net d-17574203392033144159.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 417	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 88617	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	16 KB
310	36

	Domain	Requested by
40	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net www.bg3.co tpc.googlesyndication.com agent.aralego.com www.googletagservices.com
24	tpc.googlesyndication.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co
18	securepubads.g.doubleclick.net	cdn.adpushup.com cdn.aralego.net securepubads.g.doubleclick.net agent.aralego.com www.bg3.co www.googletagservices.com
16	il-trc-events.taboola.com	www.bg3.co
14	images.taboola.com	www.bg3.co
14	cdn.taboola.com	www.bg3.co cdn.taboola.com
12	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
9	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org pagead2.googlesyndication.com
8	www.google.com	tpc.googlesyndication.com
8	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com nt.compass-fit.jp imprammp.taboola.com
7	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
6	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
6	token.rubiconproject.com	1 redirects eus.rubiconproject.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	agent.aralego.com	4 redirects
4	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
4	www.google-analytics.com	cdn.ampproject.org www.bg3.co
4	trc.taboola.com	cdn.taboola.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	sync.aralego.com	ads.aralego.com www.bg3.co
2	geo.yahoo.com	adx.holmesmind.com s.yimg.com
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	ad.sitemaji.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	c1.adform.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	cm.g.doubleclick.net	1 redirects eus.rubiconproject.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	am-wf.taboola.com	vidstat.taboola.com
1	5876284f9721bf646c3accbb52da788a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	e4ec83603e4a5939a761387cabb89f07.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	x.bidswitch.net	am-match.taboola.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	vidstatb.taboola.com	www.bg3.co
1	pixel.quantserve.com	www.bg3.co
1	ups.analytics.yahoo.com	am-match.taboola.com
1	rbp.mxptint.net	1 redirects
1	id5-sync.com	eus.rubiconproject.com
1	3636cf68a58022317761cb7d726f1fc3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	34af83fa38bf7ee788efbd54580df25d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	audiencedata.im-apps.net	dmp.im-apps.net
1	imprammp.taboola.com	vidstat.taboola.com
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	cdn.ampproject.org
1	fonts.googleapis.com	cdn.taboola.com
1	l.logly.co.jp	nt.compass-fit.jp
1	secure.quantserve.com	cdn.adpushup.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-17574203392033144159.ampproject.net	cdn.ampproject.org
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	gum.criteo.com	cdn.taboola.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
310	72

This site contains links to these domains. Also see Links.

Domain
4d3868.llsdzktnxwnnr.com
popup.taboola.com
trcclick.com
pjbmu.com
1t5cbr.llsdzktnxwnnr.com
track.infinite-track.com
www.conselhosetruques.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 48 frames:

Primary Page: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Frame ID: 1B7F4BDE50E90453A8D36D100F8D26D3
Requests: 148 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8A84B3A214FB617F8803B48D0478E619
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: F79B1897CC09C4EC5351301635261FC3
Requests: 12 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 24B7AEB77768873AE6231926D8F638F0
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 00250A5585839CAB372FCDB62BD74FD5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 63DFDA7E70D20712C66D7CEA9FFA3498
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 918555FC1ECDFFFBD7A1937BCC8DF3C7
Requests: 6 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 1BFAABF1F8538395A9D8F9740491BB3D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 088BDC60CC06A7BE3D5E5BFB97B48211
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-27091182952472039968&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3476&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=836005323&ga_cid=amp-wLlRbjA8A3JgAMwiv6OG_A&ga_hid=5323&dt=1690530991814&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&bdt=3400&dtd=125&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 5FDEFBA22AACF41F6BA556D8BFFDE51C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-18449247263122249403&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3486&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=836005323&ga_cid=amp-wLlRbjA8A3JgAMwiv6OG_A&ga_hid=5323&dt=1690530990517&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&bdt=2103&dtd=299&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 6B44E632D22796C1C4D22A3C090A438B
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: C44F5E7791A3C4F8CE131B409C75FAF5
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690530992296&uv=3308&tms=1690530992296&abt=id5mc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=eef0c787-7931-4f39-8052-bf6be722cdf8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 73DDC33AEA238F86D4C106EF5F0A78EC
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 1FE59E32FC943A983E43B8AAEFE22AF0
Requests: 4 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 45143DB9924009473507892D82DCCDB6
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: BEFDC97A9FD8247B31F8F0614FAC160A
Requests: 4 HTTP requests in this frame

Frame: https://34af83fa38bf7ee788efbd54580df25d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A6AA7E0557647C02436E2A3565C7C8CA
Requests: 1 HTTP requests in this frame

Frame: https://3636cf68a58022317761cb7d726f1fc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3489106112E39495FD665E53F256FD56
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A9A26D5E3E730BEB1819D0C7ECD7A80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8121E7F4853B5ABE4022FF54D1402152
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4EFB154B97F319A1AE073BC20C1D01BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B4A48AB6F03F539E366C603463A05F71
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C014180EF47F440C7EF9BA819278C772
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD562A2E500688BA5D9F85009F6C2CDD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FCDD1A15101017BDA4EF744F813E478D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2FAE90D5F6E8B3ED617EA32F11F215BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 452A4D852F84A6998773BB2F8B9DDE1D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A3006A9EF2CD4AB5691B59FE20A7AE3F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C8F2FBD283C307558ABB555902BBBC6F
Requests: 6 HTTP requests in this frame

Frame: https://e4ec83603e4a5939a761387cabb89f07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 822A73A8A349BA523CADD2585EC162A8
Requests: 1 HTTP requests in this frame

Frame: https://5876284f9721bf646c3accbb52da788a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: BB0CD3C3403AD287A85630341EC3D667
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7XzviKTv8Rvr5afbz5UGq6mEib0xHQ6dIX-Whf_leVC27oJWyu3neSUrCMmf3s2O05_O6lMb5RCHjaFWMv0BPKRdv_peA1c_YdbkxJHSDdaiVAPUdaoZjymfgJAF-tqKmp5iHHj04G7K_nHaD91haCshKkaYNCabw6MiotXz_GFZmAWljAkXk7ETRziafhz62Jc3WpF0DfQfx9u28SMrrhUopqMcexyR4gmGQgCqeTeLxtXFOHDWtE3TRrPjSz4aMK0uMzx8fq2aaI9Cz0gRhL1iXa6QrQReUuPw_4zd2zx9FTwxBkAh37bfbQ-46tMQP0vSjBn7KeJ_nfJ0&sai=AMfl-YQk1VPztvtNt54mscG4Zs0t0FB0loTZgPsrZkO3Oco6jAu6XCZD0b5OhaY5KkRu5U3reNdVr_7xUH6cIcBVE4MTYgGME95JnB8quQ&sig=Cg0ArKJSzIYCrjeLbJSXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5E76A695CA3EAE154790B0178EBDB56C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9E2C6588669FB70FDA223C2B0880439
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED6B6E5274AEC80A5DC2B9337CCC8B35
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-UHznlV-tbAxgZcNS_GimztL3dcA7uRxO5z8x1RjoXbVtigPiz5ymaKhShSXY0MpYUu4MuqfEgZN20PkAI3uDhVn46UZYhqTa2yWyx1MjY8mHH9j5f-zSCkR7Jdagdw5tHFWQV7A2vQmh7tNdTdsDlZYnSNs83dVGFUINmBYELgugotiJg4rRvkkqahKm-rOUX1yBCzfKYfArw8RidFg-VxxWNv-KtUKrniLYhvrffIDG43KW6F5_A6whEk4UhhHq-Va5aClUMSOaJD5fJhJLRXflsVU_IpPF_PDJ9qGf58FsJOsrPlXlsGSNgWpcZ8Q-6uzm79GUHNr0deY&sai=AMfl-YTieoJaxm-yQBlgbMQTfsPB5dU44q4lfKH3e3ZqZbLQiZfLWHe_LXG0WdzF3LbR0iOM8VxRG0eq69SuvA1JPPOB46n8U7hTab_twg&sig=Cg0ArKJSzErWerH4hf2-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5EEF9279C46B33BF1C83806290C327DC
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E29838F42F745178BBB915487689179
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D28195294A880A0F547DC8894CBE9B3F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 00FF4CF4D0B359E81C8079B672B4D0B5
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 287B529B310678152BED109FC45CB078
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: E41DCD9910829CDB4A02ABE38907F425
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782693&lmt=1690530999&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998646&bpp=6&bdt=766&idt=323&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=3382851952064&frm=8&ife=4&pv=2&ga_vid=1530646568.1690530999&ga_sid=1690530999&ga_hid=981620664&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4158074664&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076444%2C44788441&oid=2&pvsid=1747487317596306&tmod=198848231&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tjs5dh2p480g&fsb=1&dtd=377
Frame ID: 29EF1AC22BAACE96C16580B9305448CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771307&pi=t.ma~as.9099904862&w=300&lmt=1690530999&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998646&bpp=3&bdt=766&idt=339&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3382851952064&frm=8&ife=4&pv=1&ga_vid=1530646568.1690530999&ga_sid=1690530999&ga_hid=981620664&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4158074664&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076444%2C44788441&oid=2&pvsid=1747487317596306&tmod=198848231&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.iq0i0s5vrpwe&fsb=1&dtd=434
Frame ID: FAFB9EDF1DD91E48672DCFD9559CF18A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1690530999&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998829&bpp=10&bdt=1002&idt=267&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&nras=1&correlator=529474552688&frm=8&ife=4&pv=2&ga_vid=500135206.1690530999&ga_sid=1690530999&ga_hid=1472079234&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3375910278&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076444%2C31076491%2C44788442%2C44797800&oid=2&pvsid=3175003955036800&tmod=1146283455&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.dqi6uxyi2n1t&fsb=1&dtd=316
Frame ID: 898B5B3A147CF88425AFE9F471056A65
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1690530999&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998829&bpp=4&bdt=1002&idt=276&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=529474552688&frm=8&ife=4&pv=1&ga_vid=500135206.1690530999&ga_sid=1690530999&ga_hid=1472079234&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3375910278&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076444%2C31076491%2C44788442%2C44797800&oid=2&pvsid=3175003955036800&tmod=1146283455&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.sxqgy634ek09&fsb=1&dtd=362
Frame ID: 849260EBD9C053594A1008328593CA7C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0CB6807ED54A19770653ABF04B78DBDE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBB545605CD25B206D441987DFB29535
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5DD22D7FC6CC2B5027DDD790FEE9FEEE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 898B9F93E84BA6043E8B9335A5B2697D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

「電車男」不曾在記者會吃東西　黃子佼：在臺灣是老梗 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

310
Requests

86 %
HTTPS

0 %
IPv6

36
Domains

72
Subdomains

53
IPs

10
Countries

4048 kB
Transfer

12060 kB
Size

24
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://4d3868.llsdzktnxwnnr.com/
Title: Elevador de escada | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trcclick.com/click.php
Title: Elevador de Escada | Anúncios de Pesquisa

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://pjbmu.com/go/5d2cc1e9-c27e-4eb4-bd6c-345831b3435e
Title: Carro elétrico para idosos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://1t5cbr.llsdzktnxwnnr.com/
Title: Carros elétricos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://track.infinite-track.com/39365bf6-4359-4f5d-9eba-c4250ca6c1df
Title: Reparação de telhado | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/varios/senhora-cadeira-de-rodas-escadas-aperta-o-botao/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 69

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 72

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 134

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 139

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690530992&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530991398&bpp=22&bdt=1676&idt=664&shv=r20230726&mjsv=m202307200101&ptt=5&saldr=sa&correlator=5610831161480&frm=23&ife=1&pv=2&ga_vid=562899313.1690530992&ga_sid=1690530992&ga_hid=140737257&ga_fc=0&ga_cid=amp-wLlRbjA8A3JgAMwiv6OG_A&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2716&biw=1600&bih=1200&isw=336&ish=280&ifk=991570747&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076087%2C31076341%2C42532317%2C44785294%2C44788441&oid=2&pvsid=1222258527003720&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dl19gjz9brer&btvi=1&fsb=1&dtd=852 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 146

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690530992&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530991421&bpp=21&bdt=1750&idt=695&shv=r20230726&mjsv=m202307200101&ptt=5&saldr=sa&correlator=5610831161480&frm=23&ife=1&pv=1&ga_vid=360862685.1690530992&ga_sid=1690530992&ga_hid=2118209903&ga_fc=0&ga_cid=amp-wLlRbjA8A3JgAMwiv6OG_A&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=999651541&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076342%2C44788441%2C44797785&oid=2&pvsid=4405962502420422&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.99aoxv395bkj&fsb=1&dtd=912 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEINihl2lBRB4uNHDCvCMym4&google_cver=1

Request Chain 172

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5vS0KS4rQ6eL8jWvfjZoSQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5vS0KS4rQ6eL8jWvfjZoSQ

Request Chain 173

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 174

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=ZMN0sQAA9uH_OgA4 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZMN0sQAA9uH_OgA4&_test=ZMN0sQAA9uH_OgA4

Request Chain 176

https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1164 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5386090009127793644

Request Chain 177

https://rbp.mxptint.net/sn.ashx HTTP 302
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33646_10682D444_142A3B5EB&expires=60

Request Chain 217

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 219

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 275

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 276

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

310 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html Show response
www.bg3.co/a/ 55 KB
16 KB 1666ms
1123ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3f79f1bbbb0546c60a65cd629390650c7aa72c2bcde35afedd56d17e67e4bef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 28 Jul 2023 07:56:28 GMT
etag: "dc31-7iIGG+12+FMCjM1Vv2/MibXmAaM"
expires: Fri, 28 Jul 2023 08:11:28 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 329ms
131ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72978
x-xss-protection: 0
server: sffe
etag: "c0980513e2e94248"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Jul 2023 07:56:28 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 296ms
98ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9690
x-xss-protection: 0
server: sffe
etag: "bf0e1f4c4e9c9147"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Jul 2023 07:56:28 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 237ms
90ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 07:56:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7621
x-xss-protection: 0
server: sffe
etag: "87192053f7ea25a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Jul 2023 07:56:28 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

381ms
61ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13659
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9n2iIaP8UD2mzE9s%2FQnIwOHmMlggBDplu5nBp5x4M9q4%2FN%2F3YdAoR4Gr3BoMl%2FKwLT9Is9fbJVsYESx2fseP0L0hnEP6FD3BBGR1Hv0HCU0y1H%2F73ZSFa9kIUwXmH1HQQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7edb90dc4eff48a6-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 379ms
190ms Script
application/javascript 2.16.202.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-106.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 28 Jul 2023 07:56:28 GMT
content-encoding: br
last-modified: Fri, 28 Jul 2023 07:00:35 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10988
expires: Fri, 28 Jul 2023 08:56:28 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 649 KB
136 KB 393ms
156ms Script
application/javascript 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 554f41c382c558ca5515d29a6ae43ca483e4f8b4277293f825e3aea1efb03380

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 28 Jul 2023 07:56:28 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 10:59:21 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=70, ak_p; desc="469591_34654796_456807873_6928_1493_39_0_146";dur=1
x-cf-geodata: PT
content-length: 139299
expires: Fri, 28 Jul 2023 08:56:28 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 399 KB
48 KB 350ms
246ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86195014b2476ea609c147c86ffca7082fb59d5c2cd9d1d67f8706b93ec5164e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qW6d.Zg4BbVWBfaFJZoMUUWX9JUTZqmW
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:28 GMT
x-amz-request-id: DS1TP15HDKMW2JQT
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 49034
x-amz-id-2: d0y+ph5a8d4xokFaHr0ecUE+ih/yiyBXKRRRVxMVZn2g4/nPF5QOEcdVJYrIZHbvpXzrq3VGGs4=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:47:14 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530989.610743,VS0,VE198
etag: "746b1af5916b0fc93a132e8906d5cb48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 2181ms
541ms Script
text/javascript 13.112.76.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.76.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-76-83.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fb9538cadd0dab9bd0b70439b417107105d6d3b34bc92eb6e35612f23f1a7c1e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET da2afcced71c4f3e5a22022d6c0c6d3f.jpg
static.bg3.co/imgs/202105/ 0
0

GET 24abe73165b5cf4d10c5dda8ca7b4ca0.jpg
static.bg3.co/imgs/202105/ 0
0

GET c3dab33269c8a5d6e1f5564ef0a0ff10.jpg
static.bg3.co/imgs/202105/ 0
0

GET a797b8f26b5b1dfcd822bde94cf9408e.jpg
static.bg3.co/imgs/202106/ 0
0

GET dd6e7d7dff0b0d35266d46d46d323472.jpg
static.bg3.co/imgs/202106/ 0
0

GET 789c409b24a2191427e70a853db004e4.jpg
static.bg3.co/imgs/202105/ 0
0

GET b3b92509ebfa123b9caca689cd662bce.jpg
static.bg3.co/imgs/202105/ 0
0

GET 24e40e85ab818bad083b51e7400ff72e.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7a4efbba0ce915166476182464d42b07.jpg
static.bg3.co/imgs/202105/ 0
0

GET a15f6b36618e2a05c45f9f8821003222.jpg
static.bg3.co/imgs/202105/ 0
0

GET e4aaabae2ebb04d9fd2eb111a01cf8a1.jpg
static.bg3.co/imgs/202105/ 0
0

GET 3b0b77b22fe390bfb5345e87a4d71b4b.jpg
static.bg3.co/imgs/202106/ 0
0

GET e7db1caa08c672ac716ea28e1a307b0b.jpg
static.bg3.co/imgs/202105/ 0
0

GET c6cd42ccecb8f825582a782040fea0df.jpg
static.bg3.co/imgs/202105/ 0
0

GET 3e93a3331b22df6e36c0ca2a5102508a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 2ed722b2c16f05a4fb398d6e1612deeb.jpg
static.bg3.co/imgs/202105/ 0
0

GET cf4725d08015ae6434cd0166c7747382.jpg
static.bg3.co/imgs/202106/ 0
0

GET 6ad8e056650dc60fe109c8759a071b7e.jpg
static.bg3.co/imgs/202105/ 0
0

GET d7aa6add2a89d9f16ed01c22cc69454e.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4cfce270384a91ab26e9e441d7a0d0e8.jpg
static.bg3.co/imgs/202105/ 0
0

GET e651b034545f6f775e4434b66b5d5f5f.jpg
static.bg3.co/imgs/202105/ 0
0

GET d641c85e014e0993fcf683974523c15f.jpg
static.bg3.co/imgs/202106/ 0
0

GET 195dd03d1da9a3ca7bcd1d92ada03ba3.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4b4b660bdf46981ad823bf30909514fb.jpg
static.bg3.co/imgs/202105/ 0
0

GET c849650b0c3bddaeb917debe2de4b0df.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8660c1efe8a1493afd2bbd35ed5d397a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 3133c44daa010bf68acf86c16ea7db11.jpg
static.bg3.co/imgs/202105/ 0
0

GET 630418722b9f36a91e6ee853d5a3df67.jpg
static.bg3.co/imgs/202106/ 0
0

GET b1b917a10eff123d66832aa742db0228.jpg
static.bg3.co/imgs/202105/ 0
0

GET 09339ad41791c03fac5839f8a5c84433.jpg
static.bg3.co/imgs/202105/ 0
0

GET 0206532dd219777e4cf6131148b14c72.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 8 KB
4 KB 391ms
155ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 06:46:25 GMT
age: 4204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3031
x-xss-protection: 0
server: sffe
etag: "ab4976f290799864"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 06:46:25 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 82 KB
23 KB 382ms
157ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Jul 2023 18:32:11 GMT
age: 134658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23158
x-xss-protection: 0
server: sffe
etag: "79cbf92139ba05f8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 25 Jul 2024 18:32:11 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
819 B 502ms
183ms Fetch
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ca66d86191935dda4bb067804600ef739a1ce8b11616cccd179b66a2292dcb67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 471
x-xss-protection: 0

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 13 KB
4 KB 423ms
221ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Jul 2023 10:14:47 GMT
age: 164502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4005
x-xss-protection: 0
server: sffe
etag: "41886e59cfb0dca0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 25 Jul 2024 10:14:47 GMT

GET
H2 200 impl.20230727-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 790 KB
164 KB 131ms
131ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P1Qu3yvrKOHpC36FNk8YMgJiSiUmC7do
content-encoding: br
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:29 GMT
x-amz-request-id: X4B0JKW6XD1YSF26
age: 22983
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167336
x-amz-id-2: Ii3mZxmi9aSA4aLZKcX/lz754Pb8COUr5Y9YE7Zy2x/HQBaPeRygA4CdMv3NXyU0eZXwDHCnOJY=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 09:32:23 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530989.341450,VS0,VE0
etag: "5315a99ad6ffedb46c02101d15c92185"
vary: Accept-Encoding
content-type: application/javascript
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 9875

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 347ms
120ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690530989.cdn4-pxy030-mad02.ma1.evs,1690530989.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 171ms
80ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690530989.cdn4-pxy030-mad02.ma1.evs,1690530989.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
613 B 63ms
62ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13512
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DGEYLhhgUs3i6SsCOu02YlEX76Hy3IM0emtDWukQ7Nnb6%2Ft80CvVHneis1gidupPJjlhuiIs3dW9h1bwkgK1iTMrYOLVAgaWgZZ4kZ2mAsQX7OphmMXFbXJewEgvWuw9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7edb90dd887c48a6-LIS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 747ms
150ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: af97598b65e8f7e7ad63df2bb8d9762c9fb7c66b66590ba583c9f8c119861338

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:30 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 699ms
153ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: af97598b65e8f7e7ad63df2bb8d9762c9fb7c66b66590ba583c9f8c119861338

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:30 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 40 KB
10 KB 98ms
98ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 07:05:50 GMT
age: 3039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10402
x-xss-protection: 0
server: sffe
etag: "c578ba47d9485b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 07:05:50 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 377ms
77ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 219510
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 75 KB
18 KB 622ms
611ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=07%3A56%3A29.862&lti=deflated&data=%7B%22id%22%3A930%2C%22ii%22%3A%22%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690487230568%2C%22vi%22%3A1690530989844%2C%22cv%22%3A%2220230727-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html%22%2C%22vpi%22%3A%22%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3576%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2411.765625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f77d26df1da4213e00ab9df87a2d3a51078f94f48a6b0c40ba04d443c52d1ff7

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 563
date: Fri, 28 Jul 2023 07:56:30 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 111473
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490035-LIS
server: nginx
x-timer: S1690530990.908121,VS0,VE563
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 213 KB
56 KB 82ms
81ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:31:03 GMT
age: 206726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57626
x-xss-protection: 0
server: sffe
etag: "3e8e186b2ecc0e4f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:31:03 GMT

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 524ms
227ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.1972865363520393&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:30 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 527ms
213ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.07158133755397778&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:30 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 358ms
99ms Script
application/javascript 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 28 Jul 2023 07:56:30 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=8, ak_p; desc="469591_34654796_456808859_782_1246_43_0_146";dur=1
content-length: 122286
expires: Sat, 27 Jul 2024 07:56:30 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
556 B 336ms
258ms Script
application/javascript 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 28 Jul 2023 07:56:30 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=10, ak_p; desc="469591_34654796_456808861_950_1110_43_0_146";dur=1
content-length: 211
expires: Sat, 27 Jul 2024 07:56:30 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 280ms
203ms Script
application/javascript 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 28 Jul 2023 07:56:30 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="469591_34654796_456808860_666_1123_43_0_146";dur=1
content-length: 18371
expires: Fri, 28 Jul 2023 08:56:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 368ms
172ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7cc59e52318d6234984dd40fe0edc2d6aef660deea0c3f69e0ac8a0673a1e892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27993
x-xss-protection: 0
server: cafe
etag: 612 / 19566 / 31076563 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:30 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 282ms
83ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTA1MzA5OTAxMTIsInBhY2tldElkIjoiMDAwMEE3MDEtMDJhMTdkMGUtOWE5MC00MjFjLThiM2EtNjc0MGRkMmIwNTQwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpYW4tY2hlLW5hbi1idS1jZW5nLXphaS1qaS16aGUtaHVpLWNoaS1kb25nLXhpLWh1YW5nLXppLWppYW8temFpLXRhaS13YW4tc2hpLWxhby1nZW5nLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IlBUIn0%3D&c_b=3372
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:30 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 282ms
84ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:30 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 349ms
157ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0-YSq_JjD4tAfmyFCJVmKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-0-YSq_JjD4tAfmyFCJVmKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 93ms
92ms Image
image/jpeg 2.16.202.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1690530990218
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-106.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 28 Jul 2023 07:56:30 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Fri, 28 Jul 2023 08:56:30 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 110 KB
31 KB 87ms
86ms Script
text/javascript 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:30:58 GMT
age: 206732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32157
x-xss-protection: 0
server: sffe
etag: "908a1aa3777c50a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:30:58 GMT

GET
H2 200 nameframe.html
d-17574203392033144159.ampproject.net/2307150128000/ 0
0 315ms
98ms Other
text/html 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-17574203392033144159.ampproject.net/2307150128000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 2 KB
812 B 103ms
101ms Fetch
application/json 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:30:53 GMT
age: 206737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "c5b3128fd0184624"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:30:53 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 511ms
385ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Jul 2023 07:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vwVkTsKoAm76y%2BbYHWEaNklZh21vAiYtw7RwmFlQ6JkIh4AzZ9bH0JAb0LxLIjYH6Y8K2rbJMTdxoddhaSW5KUSqHdA4g%2BDQmc%2BUtFyTKm6ogqFYjNLOaU8ihux4K1GBnLZ6tNy%2B0xbFw4Ctg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7edb90e2dd6194e8-LIS
alt-svc: h3=":443"; ma=86400

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 3 KB
956 B 98ms
97ms Fetch
application/json 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:31:14 GMT
age: 206716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "abaaf95b36ef21fc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:31:14 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 8A84 714 B
773 B 59ms
53ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 12920
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7edb90e43f36489a-LIS
content-encoding: br
content-type: text/html
date: Fri, 28 Jul 2023 07:56:30 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jQ1OhUP5jCJtF0%2B1kxX2xF1OX3QiVbrz84lNLHmcbDuXfrtgQtoDmAz6T%2BNe8DVOJg1mHz9OdXXSEcAqLLQ9TsFMG3Mo2Ai0FsKtF7XG1xTZOOuIyohqcK1NS87ZDLXYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F79B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

315ms
89ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Jul 2023 07:56:31 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 28 Jul 2023 07:56:30 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 474ms
152ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:31 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 24B7 714 B
744 B 61ms
61ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 12920
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7edb90e46f54489a-LIS
content-encoding: br
content-type: text/html
date: Fri, 28 Jul 2023 07:56:30 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAUKfOcLeCHXOIFb%2BMj%2BX2u%2BxgZ6OPd2YgYi%2F%2BbUryVDIuzulxEB4lmgJbxyGEiMCJ9O%2BMtO5wwlwo0K7Us3uPIWm35tr5DeHBW4T6FXa2kyDHschYN4WapgUFZYXwjRCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0025
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

320ms
94ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Jul 2023 07:56:31 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 28 Jul 2023 07:56:30 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 63DF 93 KB
32 KB 363ms
189ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

7a1f7a33deedb31111130c0fcf52be41ff6b6f65838e4e703c498da5a81ec783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32916
x-xss-protection: 0
server: cafe
etag: 12703119449702609340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:31 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9185 93 KB
32 KB 290ms
135ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

2dd0e8ef48f516bb1a89fb09bae7538cec2367bd467b174e8efcb1434b0829b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32916
x-xss-protection: 0
server: cafe
etag: 5575143539466304804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:31 GMT

GET
H2 200 floating-unit.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 50ms
49ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d52e28e2f00236047c1ae1e1b2b9cbf80687d8df9fa6c825bf4caaa526eabd4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lOIVqLtwKMwRpZIC41BfVie56mYi1tkS
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:30 GMT
x-amz-request-id: EZHGZ9Z9QZB03B6Z
age: 43640
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: 7X2dmV0rY6/BGBGE1QfxwhZkTmkaH4pLlbx9n/iwStZV1jvO68bZf4GrfIcHsL6CuvAmGfveMUY=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:49:11 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530991.884791,VS0,VE0
etag: "0ad8e98b8638363eab678bed577a126f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4645

GET
H2 200 taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 58ms
57ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0gvhJzyWJ0O0fTz1L06njZoewGR.BKOf
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:30 GMT
x-amz-request-id: J0NNDB20EKDN1F4K
age: 43620
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8011
x-amz-id-2: FT5MfRrYR/zExz42yYduwydAOQgBt2WTbDkhsq7fiFfcxEmHrHZCWM5/0Mk0b5hWWkDy4UfP2Bo=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:49:30 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530991.898676,VS0,VE0
etag: "8295deef603701ecd7b23f274d2080a4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 86
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3393

GET
H2 200 distance-from-article.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
2 KB 62ms
62ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: H29hTfV7P2oHV7BwXErg14vnCJS0E5.j
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:30 GMT
x-amz-request-id: NZDXKYXXPCY5HS4Y
age: 43652
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: rFaWf+A7UQIe+pvfkM4pni0hXtGzgIucACYiWN44V/dEaJKSAP+4RZYHC0C1ii5zWKJcxtvgru0=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:48:59 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530991.976497,VS0,VE0
etag: "8db15f3ca0ef2fc76b365691189d41f2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 26389

GET
H2 200 article-detection.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 49ms
49ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cliTL8LcmrnnctECk9IY4Fk7XUYz33TI
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:30 GMT
x-amz-request-id: 3YZY62G1AXWRRENT
age: 43659
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1271
x-amz-id-2: /cgHdalM8GD3h9e2pe6rXU6Q/VKqykDyogTwj0kX7YTbe6OqQxNVj4aAX3Zb/TLhAEdlngat47I=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:48:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530991.976588,VS0,VE0
etag: "2ddb5ce84174e516dfa7d41f580c44f5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 26398

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.6/ 123 KB
35 KB 55ms
51ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:30 GMT
via: 1.1 9286764bc0c8327719870fa33a225c9a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 75175
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35355
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 11:02:49 GMT
server: AmazonS3
x-timer: S1690530991.986537,VS0,VE0
etag: "23fd6bc627e1f80544a173529f6c0abc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 20IPOPP-LHgPz2jF0Ol30SqS7QgTJOXsGvlKAmpauBDpL4IOseRg_w==
x-cache-hits: 2148

GET
H2 200 feed-card-placeholder.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 53ms
53ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Rbw.KtFFcl6891f7eSW7toOHxnX5YFQk
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:30 GMT
x-amz-request-id: MRKWFTPG4AR037SA
age: 43646
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: WLiNX8QI5Yu1U9Y2yjkAPfROGkqBe1CD6/fohI5Xnij6MTs+8ay4u7Z4hK2t4KrsmyXQnsy2w/Q=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:49:05 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530991.986527,VS0,VE0
etag: "d72141d67c328c0ef8b577abb34b370d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 79
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 18861

GET
H2 200 userx.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 63ms
63ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bvuGEg9hoMWlO.GRq5jfKUZQBgoyuWtQ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:31 GMT
x-amz-request-id: F8S4JZWX7SA8800S
age: 43617
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: +/eOg4Fr8ay2FfC+odeg72S1ZnfLBuu7XJdfYvykFr9c02bsNCrByjCjT/+K2v+8kqB6h3Dm5Pk=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:49:34 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530991.004517,VS0,VE0
etag: "fb1f0beee9fcbe2ba80b90fb585a8044"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2695

GET
H2 200 explore-more.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 53ms
52ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pSp4cz5yBLvYhz4W1vhjVY7CNkf7uUNo
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:31 GMT
x-amz-request-id: 642J23KQWC7ZPARJ
age: 43647
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8777
x-amz-id-2: pFlOprxe11WsJhN8e+E1g2b25yO5oOkUzEeWze9/VfWz+yH8NyXNOLWOK+cN2HEx5ANjCZErnEg=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:49:04 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530991.096099,VS0,VE0
etag: "edf758b47d6a232675d6fc2d5521396c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 11466

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 441ms
152ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=07%3A56%3A30.862&id=3846&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 440ms
151ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1690530990874%7D&tim=07%3A56%3A30.874&id=989&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 442ms
154ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690530990910%7D&tim=07%3A56%3A30.910&id=111&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 441ms
153ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A56%3A31.074&id=1647&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 423ms
135ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A56%3A31.093&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9979&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75942

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 422ms
134ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A56%3A31.130&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=555&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75942

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 148ms
142ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A56%3A31.140&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=775&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75942

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 187ms
182ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A56%3A31.144&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6631&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75942

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 195ms
189ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A56%3A31.157&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6673&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75942

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 80ms
78ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:31 GMT
x-amz-request-id: 059ZEMN3RJ2RVDH8
age: 66
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uqp3/so7O5QYv3FWcpwAOgju02flQmqVEsjYqRmHIJMcvUuXH0zuWlPp4rIZfSi9EKtGo6/hebw=
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530991.191342,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 55
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8A84 81 KB
27 KB 213ms
201ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f0480aee6ade54e46905f153d6ca4b745ba051d3bd1537a35f742b2a6fbe3c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27704
x-xss-protection: 0
server: cafe
etag: 891 / 19566 / 31076568 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 24B7 81 KB
27 KB 246ms
245ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d644b30cc2f464aea3f2c02180358ee4e5bb22746ee2e7c0c4553d77b218dc20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27619
x-xss-protection: 0
server: cafe
etag: 934 / 19566 / m202307200101 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:31 GMT

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_930%2Cw_1240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 47 KB
47 KB 89ms
80ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_930%2Cw_1240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a4548871347cb4749b2f4c307a836d7c9fa46726d9bc86833d69cebd876d9f4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_930%2Cw_1240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 4270750
edge-cache-tag: 535745196937353868742743497463140311808,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 483
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.mediariket.se/
content-length: 47652
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000097-IAD, cache-iad-kcgs7200116-IAD, cache-sna10740-LGB, cache-iad-kjyo7100144-IAD, cache-lis1490035-LIS
last-modified: Thu, 11 May 2023 16:35:00 GMT
server: nginx
x-timer: S1690530991.360982,VS0,VE1
etag: "ac4b4de6995963e88264c1a9bae6c6ed"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 4, 1, 8, 1

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
32 KB 60ms
57ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bea31d82a530e0029178c357c553cf13aba4df2fd7390900d27eb77975740d02

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 1345059
edge-cache-tag: 535745196937353868742743497463140311808,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 304
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 32454
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200153-IAD, cache-iad-kiad7000096-IAD, cache-lga21978-LGA, cache-iad-kjyo7100068-IAD, cache-lis1490035-LIS
last-modified: Tue, 13 Jun 2023 05:17:28 GMT
server: nginx
x-timer: S1690530991.361247,VS0,VE1
etag: "296eefea6b232fbc4c2b1254283620d1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 122, 1

GET
H2 200 430aa6e2f6d57167ad2a2af73d1a825d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
24 KB 54ms
51ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c72a836b84a634d453a61083ef8ab26c4558ba4b310fdb4df1e86ddef6b2fbd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
age: 1995432
edge-cache-tag: 504611621092814767118893195884591538402,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 504611621092814767118893195884591538402,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 365
req-referer: https://m.youm7.com/
content-length: 23664
x-request-id: 6c6f09a9581bc38de9e7d1dec4748dbf
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200173-IAD, cache-iad-kiad7000124-IAD, cache-lax10676-LGB, cache-iad-kiad7000052-IAD, cache-lis1490035-LIS
last-modified: Fri, 23 Jun 2023 14:40:16 GMT
server: nginx
x-timer: S1690530991.361237,VS0,VE0
etag: "1696859bac433022a178388e66c54bca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1585, 6

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 81ms
79ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a483647e3045f6f8835b3cba32fde7c4a51d45be87661f5b74a0a4277e6af7fb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 2127115
edge-cache-tag: 629278368362485812204278233016319296852,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 439
req-referer: https://d-2750774482671106744.ampproject.net/
content-length: 17684
x-request-id: c7885c8b973adb1f4fb7de129d9e62d5
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000028-IAD, cache-iad-kjyo7100178-IAD, cache-sna10751-LGB, cache-iad-kiad7000129-IAD, cache-lis1490035-LIS
last-modified: Fri, 23 Jun 2023 03:33:32 GMT
server: nginx
x-timer: S1690530991.361328,VS0,VE1
etag: "016e285c68605761da7c71cc21e6ef69"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3455, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 60 KB
61 KB 51ms
50ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 3264916
edge-cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 312
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 61196
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200088-IAD, cache-lga21939-LGA, cache-iad-kcgs7200146-IAD, cache-lis1490035-LIS
last-modified: Tue, 06 Jun 2023 14:49:00 GMT
server: nginx
x-timer: S1690530991.419399,VS0,VE1
etag: "41f70f4e09383f37d26f3a047e8d7fbc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 873, 1

GET
H2 200 335fa458bf62a0be81a46efb54279be1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 66ms
66ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/335fa458bf62a0be81a46efb54279be1.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5710f1610a5dda4b819f30d9879c84aac2037793c887e032d3f6e5567ceb8bd9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/335fa458bf62a0be81a46efb54279be1.jpg
age: 4750295
edge-cache-tag: 430001604877904240313987470853192494116,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 430001604877904240313987470853192494116,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 103
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abola.pt/
content-length: 18360
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kjyo7100125-IAD, cache-sna10726-LGB, cache-iad-kiad7000029-IAD, cache-lis1490035-LIS
last-modified: Thu, 11 May 2023 15:44:18 GMT
server: nginx
x-timer: S1690530991.431605,VS0,VE0
etag: "084055f5a37a3ecde202aa2cf76f8cf0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 48, 3

GET
H2 200 392f449e1cf7d46ec6df7a9664140255.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 68ms
67ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/392f449e1cf7d46ec6df7a9664140255.gif
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 458ba574ef845a0859bcc625447ee7dddf683cbb650b7054db0e5ce9ccaa397b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/392f449e1cf7d46ec6df7a9664140255.gif
age: 1522810
edge-cache-tag: 412755165254667254907014500624106926414,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 412755165254667254907014500624106926414,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
content-length: 24448
x-request-id: 003326e3f544368f99dd26dccd50dcb5
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kjyo7100020-IAD, cache-iad-kjyo7100135-IAD, cache-lis1490035-LIS
last-modified: Mon, 19 Jun 2023 16:45:50 GMT
server: cloudinary
x-timer: S1690530991.446577,VS0,VE1
etag: "3c0ee592d5e4a75819d462b4f1add22a"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 9, 1

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 50ms
48ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3d3524cbd38b9e98fc312d3aa6db8ee6cc873ba13332dab5bf8fa68033f347a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 3504879
edge-cache-tag: 535745196937353868742743497463140311808,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 317
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://thethaiger.com/
content-length: 37620
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kjyo7100053-IAD, cache-sna10726-LGB, cache-iad-kcgs7200098-IAD, cache-lis1490035-LIS
last-modified: Tue, 13 Jun 2023 07:42:28 GMT
server: nginx
x-timer: S1690530991.446710,VS0,VE0
etag: "b5860d3e7bbdde82ca9f71209ea9bbd1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 128, 2

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 69 KB
70 KB 56ms
50ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 3599882
edge-cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 399
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 70920
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kjyo7100036-IAD, cache-sna10723-LGB, cache-iad-kiad7000022-IAD, cache-lis1490035-LIS
last-modified: Tue, 06 Jun 2023 13:58:16 GMT
server: nginx
x-timer: S1690530991.495685,VS0,VE0
etag: "1c90d421946f35c8a49a65461da750a1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 797, 3

GET
H2 200 430aa6e2f6d57167ad2a2af73d1a825d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 62 KB
63 KB 75ms
74ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b99de2e4c121d06c1569852abd5e4bdaf0fcb229411b60ae9e672d0fbe0a7797

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
age: 1996229
edge-cache-tag: 504611621092814767118893195884591538402,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 504611621092814767118893195884591538402,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 226
expiration: expiry-date="Mon, 24 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.youm7.com/
content-length: 63732
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100174-IAD, cache-iad-kcgs7200101-IAD, cache-sna10733-LGB, cache-iad-kiad7000083-IAD, cache-lis1490035-LIS
last-modified: Fri, 23 Jun 2023 14:40:16 GMT
server: nginx
x-timer: S1690530991.495719,VS0,VE1
etag: "9127762ec24aad9690ce58631b3863d3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 9, 15, 1

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 55ms
54ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f9e2d42205b6a1c720cd33802edbad14351854bc4425726a291e9baed286a6f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 Jul 2023 07:56:31 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 3803163
edge-cache-tag: 629278368362485812204278233016319296852,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 184
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.etonline.com/
content-length: 38042
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100046-IAD, cache-iad-kcgs7200040-IAD, cache-sna10738-LGB, cache-iad-kjyo7100147-IAD, cache-lis1490035-LIS
last-modified: Tue, 13 Jun 2023 23:16:18 GMT
server: nginx
x-timer: S1690530992.516693,VS0,VE1
etag: "89095844a4b84ab8e6c0ad21f5274d7d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 1413, 1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 276ms
87ms Script
application/javascript 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 04 Aug 2023 07:56:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame 9185 363 KB
124 KB 195ms
192ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b5873f5ac42a0c27f204fc3ca01661c07a28c52b1f8ceb145746644ebe637360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127313
x-xss-protection: 0
server: cafe
etag: 1244734011078929073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame 63DF 363 KB
124 KB 262ms
256ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

9cab80f65f6d17fae9f2d787523ea7e4812c65feb9bdce929e95e7db1830d45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127311
x-xss-protection: 0
server: cafe
etag: 15083062684511579722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:31 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/ 386 KB
123 KB 140ms
137ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/pubads_impl.js?cb=31076563

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0d83a13bb40d6bace904907c1739222ff3df6e756eb604738b0e84ed2069587a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 02:17:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20363
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125538
x-xss-protection: 0
server: cafe
etag: 13270015330606002998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 27 Jul 2024 02:17:08 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 339ms
89ms Script
text/javascript 2.23.209.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 522ms
312ms Script
text/plain 108.138.7.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MDUzMDk5MF8xXzdkMGI3YWE4MjlkYg%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-39.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jul 2023 07:56:31 GMT
Via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: DNeCR6LqxCgEIpZvZBqBMqDlQBz0z5pUernbmKIIJmTiizcLrLaJ9w==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F79B 34 KB
10 KB 104ms
98ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f8dbd72cc88c7ee72b42558cb44b329918df9d7a1f1856bda43e1199b7582e8f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 23:34:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56204
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 23:33:15 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0025 34 KB
10 KB 108ms
108ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f8dbd72cc88c7ee72b42558cb44b329918df9d7a1f1856bda43e1199b7582e8f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 23:34:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56204
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 23:33:15 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 282ms
109ms Fetch
application/json 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 next-up-widget.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 50ms
50ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e3d8fefb06a49434922a615f2f6fc7693bf2d59c6cfca15aabb91a8f9aca7c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nMqKc8v0vasvRXiFyFw2y4RhxFsWjEzR
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:31 GMT
x-amz-request-id: YPTQA7H0CSQMW4WD
age: 43638
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: 5M6O/uf07DqX2MeewIwa5MwMxYgpMfBwjknfyJclho1DrYV7xZ0S2r/QeoDPHZcBkurlaRWGRdM=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:49:14 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530992.878822,VS0,VE0
etag: "0e2e4a56e106f372a41c750ae738705f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 77
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4537

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 122ms
122ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A3452%7D%22%2C%22eventTime%22%3A1690530991862%7D&tim=07%3A56%3A31.863&id=9276&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 122ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.765625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A56%3A31.891&id=9896&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 130ms
126ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=07%3A56%3A31.905&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6450&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75773

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 275ms
91ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 07:09:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 07:56:32 GMT

GET
H2 200 spa-detector.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 52ms
47ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: F_4i._8q7f.Kc5Co4t0Pr9x_B1OIqF5C
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:31 GMT
x-amz-request-id: 2PW2AB061D9DWJZW
age: 43631
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: O2HeNB9E7CvNSTRskaw1RMunIeCyHPeNaIzwUANwEoP9c31NGrAG3VAU6/11OCYH/xv/Raz8kNk=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 19:49:21 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690530992.944463,VS0,VE0
etag: "3e9c41a418b54e4c6ddf043af9a9362b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 11804

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 126ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A56%3A31.909&id=5260&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 127ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1690530991914%7D&tim=07%3A56%3A31.914&id=9745&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 128ms
124ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A56%3A31.917&id=8504&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 128ms
125ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=83f19a70cf832b5f61207d2b163efc19&sd=v2_030ff1a47dde843929448540973c0662_4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d_1690530989_1690530989_CNawjgYQ2YJdGJSO_9uZMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&pi=/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&wi=1233831285534655277&pt=text&vi=1690530989844&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1690530991920%7D&tim=07%3A56%3A31.921&id=2461&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F79B 284 B
536 B 346ms
83ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 256ms
87ms Ping
text/plain 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5323&cid=amp-wLlRbjA8A3JgAMwiv6OG_A&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&dr=&dt=%E3%80%8C%E9%9B%BB%E8%BB%8A%E7%94%B7%E3%80%8D%E4%B8%8D%E6%9B%BE%E5%9C%A8%E8%A8%98%E8%80%85%E6%9C%83%E5%90%83%E6%9D%B1%E8%A5%BF%E3%80%80%E9%BB%83%E5%AD%90%E4%BD%BC%EF%BC%9A%E5%9C%A8%E8%87%BA%E7%81%A3%E6%98%AF%E8%80%81%E6%A2%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1690530992&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 262ms
82ms Ping
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-wLlRbjA8A3JgAMwiv6OG_A&aip=1&sid=1690530992&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/ Frame 8A84 387 KB
123 KB 91ms
89ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076568

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2ade4279c3b32472f61c35484d70ba1cec2deea85e6061832e6998dfad85e85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 02:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18661
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125684
x-xss-protection: 0
server: cafe
etag: 12611934720420487755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 27 Jul 2024 02:45:31 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ Frame 24B7 385 KB
122 KB 93ms
88ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44121
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 26 Jul 2024 19:41:11 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0025 284 B
536 B 336ms
85ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 276ms
85ms Script
application/javascript 18.66.97.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:17:16 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2357
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: t1SKm_r-sxbdhe4GkgOgBa-YiuAMDJbIoObmOWo1sywRABrf6-Royg==

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 1BFA 495 B
664 B 948ms
326ms Document
text/html 52.198.195.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.195.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 28 Jul 2023 07:56:32 GMT
etag: "64c33145-1ef"
last-modified: Fri, 28 Jul 2023 03:08:53 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 088B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

86ms
85ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Jul 2023 07:56:32 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 28 Jul 2023 07:56:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5FDE 603 B
213 B 461ms
262ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-27091182952472039968&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3476&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=836005323&ga_cid=amp-wLlRbjA8A3JgAMwiv6OG_A&ga_hid=5323&dt=1690530991814&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&bdt=3400&dtd=125&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:32 GMT
expires: Fri, 28 Jul 2023 07:56:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B44 603 B
534 B 408ms
211ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-18449247263122249403&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3486&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=836005323&ga_cid=amp-wLlRbjA8A3JgAMwiv6OG_A&ga_hid=5323&dt=1690530990517&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&bdt=2103&dtd=299&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:32 GMT
expires: Fri, 28 Jul 2023 07:56:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 89ms
88ms Script
application/javascript 2.23.209.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Fri, 28 Jul 2023 07:56:32 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9185 379 B
599 B 274ms
93ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f16cedf75f46cac5cee8a1c5fae7f805cb69c6b7da7c296991b65d696efc77ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame C44F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169053...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
853 B

293ms
95ms

Document
text/html

18.66.97.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 552
content-length: 459
content-type: text/html
date: Fri, 28 Jul 2023 07:47:22 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id: 6FXo-_WLz68EILwVycB8WXAauVUUG8UXQehDwF86ITBoEZGEpsuRFQ==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:32 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9185 15 KB
12 KB 144ms
139ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b5c6d926f7496146d50267eff74dd0e84b73f8067168d91d2cbd55ec3144c0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11855
x-xss-protection: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 73DD 577 B
461 B 89ms
86ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690530992296&uv=3308&tms=1690530992296&abt=id5mc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=eef0c787-7931-4f39-8052-bf6be722cdf8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fff39df7f06cbc608ac47d0faf67d7953d2281a4164f3b4d6a231b2cd1a5019f

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 28 Jul 2023 07:56:32 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490035-LIS
x-timer: S1690530992.323477,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 1FE5 439 B
534 B 274ms
87ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c7fc5c7970811d820cc499b1b5374169498bf4028dab50d97422c7fb4ed325dc

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 28 Jul 2023 07:56:32 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
769 B 127ms
125ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690530992309&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1536&pt=394363604&tz=0&viewable=true&ddast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f33777cb2183d118634bcb77f2e7e674ae85791c9cc84a5d75f2c529571f9c87

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1467
x-cache: MISS
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690530992.333227,VS0,VE80
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 261ms
83ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&cmcv=&pix=31589837&cb=1690530992296&uv=3308&tms=1690530992296&abt=id5mc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1690530986741.8!ts:1690530992296&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-length: 0
server: nginx

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 63DF 379 B
317 B 203ms
101ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e10848ecb4adcd9460f3c1bcfc2c37c7d1295f011689c32b653d8d5ff236debd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 4514
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169053...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
852 B

326ms
94ms

Document
text/html

18.66.97.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 552
content-length: 459
content-type: text/html
date: Fri, 28 Jul 2023 07:47:22 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id: 0ooniqmAGbTNthaoLNwdFTLf4S-r8VZwU3UMB7hnR8YA0Ba2riT2mw==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:32 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 63DF 15 KB
12 KB 142ms
139ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

062bafda95d57d1a69cc213bea03e8aed89477c69187070091bf40bf1ae95896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11742
x-xss-protection: 0

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
306 B 240ms
239ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 131
date: Fri, 28 Jul 2023 07:56:32 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 107643
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690530992.446790,VS0,VE131
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
158 B 96ms
95ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E3%80%8C%E9%9B%BB%E8%BB%8A%E7%94%B7%E3%80%8D%E4%B8%8D%E6%9B%BE%E5%9C%A8%E8%A8%98%E8%80%85%E6%9C%83%E5%90%83%E6%9D%B1%E8%A5%BF%E3%80%80%E9%BB%83%E5%AD%90%E4%BD%BC%EF%BC%9A%E5%9C%A8%E8%87%BA%E7%81%A3%E6%98%AF%E8%80%81%E6%A2%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-wLlRbjA8A3JgAMwiv6OG_A&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.2265400341664745&gjid=0.007208077590203921&_r=1&a=5323&z=0.8939766720820881&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 89ms
88ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 63a967b93b2109c0f1dcca44b33372c903a5c9e89078c77dbe63201f2e25f064

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 Jul 2023 07:56:32 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 4082951
edge-cache-tag: 535745196937353868742743497463140311808,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 73
expiration: expiry-date="Fri, 23 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 3788
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100156-IAD, cache-chi-kigq8000133-CHI, cache-iad-kcgs7200114-IAD, cache-lis1490035-LIS
last-modified: Tue, 23 May 2023 15:40:19 GMT
server: nginx
x-timer: S1690530992.446769,VS0,VE0
etag: "1e52eb849b3765c2e339ae6e98923ab1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 259, 1096

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 87ms
87ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf90fafe87467629de54d30ad2a7aa91d751f4aa2e734d20c0f4d5211455fcba

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 Jul 2023 07:56:32 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 2140073
edge-cache-tag: 628131638865840138074933382416259481994,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 195
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.jnportugal.com/
content-length: 6196
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kiad7000029-IAD, cache-sna10730-LGB, cache-iad-kiad7000025-IAD, cache-lis1490035-LIS
last-modified: Tue, 06 Jun 2023 15:55:33 GMT
server: nginx
x-timer: S1690530992.446785,VS0,VE0
etag: "4dacb31c72359ff4d305c3c8787a1e5c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 318, 3

GET
H2 200 430aa6e2f6d57167ad2a2af73d1a825d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 90ms
89ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82553f601ea713da610c2b325127155eedda1b37f7ff357865da34c6af90d175

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 Jul 2023 07:56:32 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
age: 1995766
edge-cache-tag: 504611621092814767118893195884591538402,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 504611621092814767118893195884591538402,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 301
req-referer: https://www.deepika.com/
content-length: 6466
x-request-id: 37705b2119dbf8ed5b66879932f46797
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000119-IAD, cache-iad-kjyo7100152-IAD, cache-sna10729-LGB, cache-iad-kjyo7100064-IAD, cache-lis1490035-LIS
last-modified: Fri, 23 Jun 2023 14:40:16 GMT
server: nginx
x-timer: S1690530992.446785,VS0,VE1
etag: "d7c73bfea8c67144dae19a3d75128c34"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 434, 1

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame F79B 0
239 B 351ms
86ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 088B 34 KB
10 KB 95ms
95ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f8dbd72cc88c7ee72b42558cb44b329918df9d7a1f1856bda43e1199b7582e8f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 23:34:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56203
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 23:33:15 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 73DD 70 B
265 B 299ms
93ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690530992296&uv=3308&tms=1690530992296&abt=id5mc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=eef0c787-7931-4f39-8052-bf6be722cdf8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 73DD 43 B
426 B 313ms
99ms Image
image/gif 54.217.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690530992296&uv=3308&tms=1690530992296&abt=id5mc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=eef0c787-7931-4f39-8052-bf6be722cdf8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.214.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-214-211.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9185 17 KB
7 KB 275ms
100ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 07:56:32 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_0_8/infra/ 889 KB
148 KB 176ms
55ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690189710
date: Fri, 28 Jul 2023 07:56:32 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 1EGY211EJA3NCCST
age: 341140
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690189711
x-amz-meta-mode: 33188
content-length: 150941
x-amz-id-2: SjAIXHO1D0oUntY2GbB7vyWiwzvUPCfIg3FSa4eZtpuPwnpbopplW16Rgw9n0Fnknx8J1oTrAfk=
x-served-by: cache-lis1490051-LIS
last-modified: Mon, 24 Jul 2023 09:08:32 GMT
server: AmazonS3-br
x-timer: S1690530993.646552,VS0,VE0
etag: "2653a0c8d7fe85b3a9f7075f29ed0624"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 72969

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_8/assets/css/ 60 KB
8 KB 50ms
50ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690189728
date: Fri, 28 Jul 2023 07:56:32 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 1EGXBHVBRZP6GW94
age: 341140
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690189728
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: KAWgGmTqU8XyRkDoqr1ZPXfsNiW5KRoJ1paTShJAcRNNrUT7taT3DKrwJlKLNjO2R0BvBP/gXco=
x-served-by: cache-lis1490035-LIS
last-modified: Mon, 24 Jul 2023 09:08:49 GMT
server: AmazonS3-br
x-timer: S1690530993.519612,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 91295

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
171 B 445ms
309ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H6DQZMC27D98NXS85KTHF77Z
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 28 Jul 2023 07:56:32 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BEFD 281 B
554 B 96ms
90ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690530992296&uv=3308&tms=1690530992296&abt=id5mc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=eef0c787-7931-4f39-8052-bf6be722cdf8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Jul 2023 07:56:32 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8A84 492 B
265 B 156ms
143ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4225973394679695&correlator=3802344140917829&eid=31076568&output=ldjh&gdfp_req=1&vrg=202307270101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690530992590&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=uox77khzvl5l&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=22420286.1690530993&ga_sid=1690530993&ga_hid=220603726&ga_fc=false&dlt=1690530991261&idt=1133

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076568

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

88ab21e289f6b12fa17c748580a8823c07858448b4280886b3b80f048b04e888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8A84 15 KB
12 KB 152ms
151ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076568

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f0c97ab0daa9af4b262156bc3e5a582fb3dec1089f5f80ad152edf76d0faff43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11780
x-xss-protection: 0

GET
H2 200 container.html Show response
34af83fa38bf7ee788efbd54580df25d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6AA 6 KB
3 KB 362ms
74ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://34af83fa38bf7ee788efbd54580df25d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:32 GMT
expires: Sat, 27 Jul 2024 07:56:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 63DF 17 KB
6 KB 146ms
120ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 07:56:32 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 24B7 492 B
263 B 159ms
157ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3894968216989939&correlator=3520851234744012&eid=44797786&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690530992643&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=y6qs1b2ewapd&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=544256967.1690530993&ga_sid=1690530993&ga_hid=723667664&ga_fc=false&dlt=1690530991310&idt=1105

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

69c8559f4399f451bc7c3c665d97161da5acf97cd8ffe01bd3385cd99680a263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 24B7 15 KB
11 KB 181ms
178ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

c40f08f999ff27a8f1f2e103bd5af61ca359f0616e50dbe24ceba81a8dc07ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11719
x-xss-protection: 0

GET
H2 200 container.html Show response
3636cf68a58022317761cb7d726f1fc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3489 6 KB
3 KB 330ms
97ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3636cf68a58022317761cb7d726f1fc3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:32 GMT
expires: Sat, 27 Jul 2024 07:56:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 L2EvZGlhbi1jaGUtbmFuLWJ1LWNlbmctemFpLWppLXpoZS1odWktY2hpLWRvbmcteGktaHVhbmctemktamlhby16YWktdGFpLXdhbi1zaGktbGFvLWdlbmcuaHRtbA==.json Show response
cdn.adpushup.com/42753/ 555 B
873 B 464ms
463ms XHR
text/html 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvZGlhbi1jaGUtbmFuLWJ1LWNlbmctemFpLWppLXpoZS1odWktY2hpLWRvbmcteGktaHVhbmctemktamlhby16YWktdGFpLXdhbi1zaGktbGFvLWdlbmcuaHRtbA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 28 Jul 2023 07:56:33 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=368, ak_p; desc="469591_34654796_456810503_37719_1313_39_0_219";dur=1
content-length: 555
expires: Fri, 28 Jul 2023 08:56:33 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F79B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEINihl2lBRB4uNHDCvCMym4&google_cver=1

0
239 B

83ms
82ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEINihl2lBRB4uNHDCvCMym4&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEINihl2lBRB4uNHDCvCMym4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame F79B 0
214 B 91ms
86ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F79B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5vS0KS4rQ6eL8jWvfjZoSQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5vS0KS4rQ6eL8jWvfjZoSQ

43 B
479 B

163ms
163ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5vS0KS4rQ6eL8jWvfjZoSQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jul 2023 07:56:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PPBA0C3THJR15ARAT0Q0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5vS0KS4rQ6eL8jWvfjZoSQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F79B
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
409 B

172ms
95ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F79B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=ZMN0sQAA9uH_OgA4
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZMN0sQAA9uH_OgA4&_test=ZMN0sQAA9uH_OgA4

0
239 B

150ms
101ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZMN0sQAA9uH_OgA4&_test=ZMN0sQAA9uH_OgA4
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-lis1490029-LIS
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1690530993.313769,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZMN0sQAA9uH_OgA4&_test=ZMN0sQAA9uH_OgA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200 9.gif
id5-sync.com/i/175/ Frame F79B 43 B
1 KB 274ms
85ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/175/9.gif

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 28 Jul 2023 07:56:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F79B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1164
https://c1.adform.net/serving/cookie/match?CC=1&party=1164
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5386090009127793644

0
239 B

201ms
84ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5386090009127793644
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5386090009127793644
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F79B
Redirect Chain

https://rbp.mxptint.net/sn.ashx
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33646_10682D444_142A3B5EB&expires=60

0
239 B

144ms
91ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33646_10682D444_142A3B5EB&expires=60
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33646_10682D444_142A3B5EB&expires=60
Date: Fri, 28 Jul 2023 07:56:32 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-373535772; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 228
Content-Type: text/html; charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1FE5 70 B
264 B 123ms
122ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 1FE5 43 B
425 B 141ms
140ms Image
image/gif 54.217.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.214.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-214-211.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 1FE5 0
126 B 301ms
86ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BEFD 34 KB
10 KB 134ms
134ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f8dbd72cc88c7ee72b42558cb44b329918df9d7a1f1856bda43e1199b7582e8f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 23:34:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56203
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 23:33:15 GMT

GET
H2 200 pixel;r=323986172;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html;uh=e51ed67dfb8d91dc24b15e2ace...
pixel.quantserve.com/ 35 B
372 B 97ms
90ms Image
image/gif 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=323986172;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-2099627854-1690530992158;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1690530992765;tzo=0;ogl=;ses=2be1be88-51c0-449f-b9e3-1e59d32e4192;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 088B 284 B
536 B 155ms
132ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A84 17 KB
6 KB 134ms
133ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307270101/pubads_impl.js?cb=31076568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 07:56:32 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A9A 13 KB
5 KB 89ms
84ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:38:30 GMT
expires: Sat, 27 Jul 2024 07:38:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8121 783 B
1 KB 290ms
99ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

fd91ea8a8c3e60d59973f9f9c8c1cd40f787f6526ca364c241b156f982dae6da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LRfP5ZX8GvEDbnesC8UnRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LRfP5ZX8GvEDbnesC8UnRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:33 GMT
expires: Fri, 28 Jul 2023 07:56:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4EFB 13 KB
5 KB 115ms
89ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:38:30 GMT
expires: Sat, 27 Jul 2024 07:38:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B4A4 783 B
739 B 270ms
102ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

ce2ec197c890c8cf716efd768385a53dbfd521e6c0aa69070d7b8c1bc0c28c31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kuPxCnJxzAKnt7mkYJRZaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kuPxCnJxzAKnt7mkYJRZaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:33 GMT
expires: Fri, 28 Jul 2023 07:56:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 60ms
53ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 07:56:32 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 450
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1690530993.927355,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 76
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 768

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 24B7 17 KB
6 KB 102ms
102ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 07:56:32 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame BEFD 284 B
536 B 84ms
83ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
631 B 62ms
61ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 28 Jul 2023 07:56:32 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 12807
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1690530993.979697,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 556

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 52ms
50ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:33 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 1370515
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490035-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1690530993.154407,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 138109

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/ 446 KB
84 KB 49ms
49ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690439347
date: Fri, 28 Jul 2023 07:56:33 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: A3N10TATEMVHA5QR
age: 91564
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690439362
x-amz-meta-mode: 33188
content-length: 85839
x-amz-id-2: YpLsidS2POsIKt23Ufq53o+kIa+03QWIhvzNyWX5RqYAx9tb3V1X7ZUuAJ8mMhdUUbsPS9EPyeA=
x-served-by: cache-lis1490035-LIS
last-modified: Thu, 27 Jul 2023 06:29:23 GMT
server: AmazonS3-br
x-timer: S1690530993.204391,VS0,VE0
etag: "b33cf048d4d632bd93b30c09e2201e4c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 28660

GET
H2 200 sync Show response
am-match.taboola.com/ Frame C014 422 B
508 B 94ms
82ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a882544fff30a3e86450eac4425ef6dfe9122cad7102e7e78464059d162adb6e

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 28 Jul 2023 07:56:33 GMT
machineid: 3401
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 88ms
83ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&cmcv=&pix=31579697&cb=1690530993186&uv=3308&tms=1690530993186&su=3&abt=id5mc_vB!nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:33 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 60ms
45ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 28 Jul 2023 07:56:33 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 965154
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490035-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1690530993.335531,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 282783

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 120ms
115ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

17dc45b89e22364dfd448ad5faeb6d6c9f484803090a662a2256b42b4e1c3067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jul 2023 07:56:33 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 4514 31 KB
10 KB 216ms
72ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:49:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 43649
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 28 Jul 2023 19:49:04 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame C44F 31 KB
10 KB 214ms
76ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:49:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 43649
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 28 Jul 2023 19:49:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD56 13 KB
5 KB 93ms
91ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:38:30 GMT
expires: Sat, 27 Jul 2024 07:38:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FCDD 783 B
740 B 115ms
114ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

0f697cfcbb582dde239ce9019e8bb34c8a404072697bb9f263e04970a2752c9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QocOxw6i6wyfbTN9LJP6Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-QocOxw6i6wyfbTN9LJP6Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:33 GMT
expires: Fri, 28 Jul 2023 07:56:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame BEFD 0
239 B 575ms
144ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 1BFA 0
269 B 303ms
303ms Script
text/plain 52.198.195.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.195.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:33 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C014 70 B
265 B 96ms
96ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Jul 2023 07:56:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C014 43 B
426 B 97ms
97ms Image
image/gif 54.217.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.214.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-214-211.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame C014 43 B
147 B 270ms
81ms Image
image/gif 3.67.157.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.157.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-157-9.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
pips.taboola.com/ 4 B
120 B 67ms
49ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490051-LIS
date: Fri, 28 Jul 2023 07:56:33 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2FAE 13 KB
5 KB 83ms
82ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:38:30 GMT
expires: Sat, 27 Jul 2024 07:38:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 452A 783 B
739 B 117ms
110ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

b99080be19b1771bb388ab914d411fde8fd4e16932a677e59e54e4b4b39cc442

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gPc_2U2G_UuPsHtbiMZ_cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-gPc_2U2G_UuPsHtbiMZ_cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:33 GMT
expires: Fri, 28 Jul 2023 07:56:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
346 B 166ms
165ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 114
date: Fri, 28 Jul 2023 07:56:33 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 108656
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690530993.473019,VS0,VE114
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8121 0
0 153ms
113ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=1222258527003720&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B4A4 0
0 150ms
115ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=4405962502420422&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 / Show response
cds.taboola.com/ 0
83 B 661ms
141ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Jul 2023 07:56:34 GMT
cache-control: no-store
server: nginx

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A9A 37 KB
14 KB 110ms
80ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 00:35:39 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EFB 37 KB
14 KB 83ms
82ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 00:35:39 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 4514
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

57ms
56ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13664
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUpx7japeUqRoxDIjgCnKKzNw0Xm9ygXpTIhDRhrwdvHM4F3blSi7XD9DzynrpBEcAmRQ%2FyiFBhCHhpcGwXo34%2BDrNyilhijWdIWXUsQTiaSMjaZ2vpYm3Kc4sleXX8hpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7edb90fa3af2489a-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FCDD 0
0 114ms
114ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307270101&jk=4225973394679695&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame C44F
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

87ms
86ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13664
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuTiAEu8GmMsuIeyF0MvzNBM81tB4Ps8IsBa01cglTtq%2FOF4Q4wsInFW3cIOjSwuQiSgr4s7b%2BYj1R0E4ncm1Vt66M1Hy2B5ZnXy5v%2F28q0VYzw6hwzKb2o6Ag2Ad1UEJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7edb90facba4489a-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 220ms
79ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=5323&cid=75662598.1690530994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690530993&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&dt=%E3%80%8C%E9%9B%BB%E8%BB%8A%E7%94%B7%E3%80%8D%E4%B8%8D%E6%9B%BE%E5%9C%A8%E8%A8%98%E8%80%85%E6%9C%83%E5%90%83%E6%9D%B1%E8%A5%BF%E3%80%80%E9%BB%83%E5%AD%90%E4%BD%BC%EF%BC%9A%E5%9C%A8%E8%87%BA%E7%81%A3%E6%98%AF%E8%80%81%E6%A2%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame BD56 37 KB
14 KB 81ms
80ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 00:35:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 452A 0
0 120ms
119ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=3894968216989939&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FAE 37 KB
14 KB 80ms
79ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 00:35:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4EFB 0
10 B 83ms
82ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8-83GQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD56 0
10 B 81ms
81ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uo-u_w
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1A9A 0
10 B 111ms
110ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?S5AgLQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2FAE 0
10 B 88ms
87ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jhTmRA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 4514 975 B
748 B 60ms
60ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13517
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ptcmqr9p6ZG%2B8qXTmSpeAEh1IoyhpYay2v1UsZsRY2di%2BtrH49KyVYEAMGqpq6OJZKvrIZSMDPeUYtjmfjnhEFBwkzhb7UHmWh1sFmyRbcy9R9hQCSowt6SkZxadgNCDiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7edb90fbad14489a-LIS

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame C44F 975 B
747 B 53ms
52ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13517
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLWmzniNmskYPJA8EYsVE3%2BoMabhjVP8D8ex1hb4w0KLVMP51S%2FPS2b2NxskxZflE4rGKkKz7ord3sPN44nvowNGJtfHLajk7VManInsOhMMzvl5enHFvBcEDERnN39hjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7edb90fbed5d489a-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 4514 661 B
1 KB 576ms
221ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.0836040561277609&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:35 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 8091c546-1893-3bfe-88d7-5c32cdad5f07
X-Adtype: html
Connection: close
Content-Length: 661

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame C44F 661 B
1 KB 520ms
216ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9187706846558672&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:35 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 8091c546-1893-3bfe-88d7-5c32cdad5f07
X-Adtype: html
Connection: close
Content-Length: 661

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 100ms
100ms Ping
text/plain 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5323&cid=amp-wLlRbjA8A3JgAMwiv6OG_A&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&dr=&dt=%E3%80%8C%E9%9B%BB%E8%BB%8A%E7%94%B7%E3%80%8D%E4%B8%8D%E6%9B%BE%E5%9C%A8%E8%A8%98%E8%80%85%E6%9C%83%E5%90%83%E6%9D%B1%E8%A5%BF%E3%80%80%E9%BB%83%E5%AD%90%E4%BD%BC%EF%BC%9A%E5%9C%A8%E8%87%BA%E7%81%A3%E6%98%AF%E8%80%81%E6%A2%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1690530992&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=7951&epn.domain_lookup_time=13&epn.tcp_connect_time=529&epn.redirect_time=0&epn.server_response_time=1123&epn.page_download_time=2&epn.content_download_time=1750&epn.dom_interactive_time=1750
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 82ms
82ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E3%80%8C%E9%9B%BB%E8%BB%8A%E7%94%B7%E3%80%8D%E4%B8%8D%E6%9B%BE%E5%9C%A8%E8%A8%98%E8%80%85%E6%9C%83%E5%90%83%E6%9D%B1%E8%A5%BF%E3%80%80%E9%BB%83%E5%AD%90%E4%BD%BC%EF%BC%9A%E5%9C%A8%E8%87%BA%E7%81%A3%E6%98%AF%E8%80%81%E6%A2%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-wLlRbjA8A3JgAMwiv6OG_A&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=7951&dns=13&tcp=529&rrt=0&srt=1123&pdt=2&clt=1750&dit=1750&a=5323&z=0.33592200428256347&gtm=45De1110&t=timing

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:35:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12082
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
710 B 125ms
49ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690530994868&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1536&pt=-1903635602&tz=0&viewable=true&ddast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f33777cb2183d118634bcb77f2e7e674ae85791c9cc84a5d75f2c529571f9c87

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 28 Jul 2023 07:56:34 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1472
x-cache: MISS
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690530995.893096,VS0,VE75
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 63DF 0
0 115ms
115ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=4405962502420422&bg=!t7SltODNAAZGOVy5Zjk7ADkAdvg8WkmfVTDJyIkP_pxpgp_qkj-D3hkTocU6b6bds9-ykm55NjK6zGv7FkDSZ5GJYbUOMEbVLTECAAACP1IAAAAoaAEHmQK3F-lN23MNuMsnf4LxRJHRqTnFRJPQ_mbzLwiUFQvmfgwXRyHRTasiCP70TJPI1VqSoo6qjmjuuZ9QPal1iQaUIJxfeMa4GjnmbrnSln9EWGtLg6Eth_QoIag_NwKr7ZObPYd3xSg_WZ7nAdoyXEfFJGCvnsJ5ItFICvmWj9wQuhxAIm8YsFbfBxxf8sAfTgEu0aKt_OULW56L7OkTWh3fL6gzxF5FlbWv3aVzXieRrTWNa2P1V3dFiZlw0U1wtX2m9GO839FyJL6JFqj0Y1eq8m9Y6oYg7_Ow0KKuWyU8qZvwnxsm1Yd-Kb_uUFvK5M8lkJo-tb6LdzH_gx_l8AjYzToetfztWvv9NHm28cTg9OyCuQuO7Lxu_9lqlH8wGvPr-yPb_24-upX7EUR_MzNSWxymXTqNneGCJo1t8pK3gMRcVWKatZJid7aCPgvlGiHGr_5Kejj7a3P_No8Ehr_t9KwjSuBnwji9QBdWEIBMAvkj0-cecWxzPZm9vavmintm7dM5Ausk79l8lD1i_w9QfUV56v8iyLsV_ZfchRDq2dGlIqqpBF1g2RvHlSxjFZRkwj4YSL03bugCOvetFz2hCT5NHLotUESaWzr3UlvssWciaXXVXMfZzx-J8SKsxqMuvveeVUTJwt7KM7Aq5OM3voy7PezKdqoymNr8aTv18d4RrEKAwBL1LryuqFc_rY21z_VIC2sf5U7HMJCjw0ELN4L_1PGfW44m5MryMoFZqv2jP4PnKnSyzvl7b7iaqsgBqGW2oS8Sji6deM24nImgrvyAl4scY6_prOs99YyqnDLIl9gOPHffOadfUP4RvE-kjz9m0nTMKiGE55X1r0kE1tgGaTHkuF1GCSx69Gz4az1qQ7QmW5ZGVxsnqdtg-TgDDjlnsaVTyRTBikShpet8Y16vLPef-64
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A300 81 KB
27 KB 132ms
131ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

18cad99145da5e69bbeacd00271491fd73ab6a9073141c0acd2ee0fe92aa6581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27655
x-xss-protection: 0
server: cafe
etag: 693 / 19566 / 31076563 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:35 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C8F2 81 KB
27 KB 129ms
128ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8f2d4d6871a5a05023fdf05b6dd03f32c7c535278ec7a332ae8d9a0fe1e701ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27649
x-xss-protection: 0
server: cafe
etag: 387 / 19566 / 31076565 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 24B7 0
0 115ms
114ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=3894968216989939&bg=!MTKlMmbNAAZGOVy5Zjk7ADkAdvg8WmgSlkTAd0eqTTVFSIGpkfToweEmG_36wdS0Uu679N6ztDXfIp5_mTrh0QeuiR7KA4FcMMkCAAACKVIAAAAhaAEHCgBfQsIhwotU6PcxSyPbJKbMfq_W-2v7-Z_WfaE90ct0GPu-RTPctMaTVB5hqpTwwVS-v6UBLtzSd097D9WTHxiNqkTfp-WN83gZC8sRKoo05wqkoCDEK5qpN3G3xWtYhc6ZAsfuT7HSAj7xtonF5hpcWbNLKxNxTMwi8cQkoBdD_v0GfJH6pIIK8bkmbtGwRGdi96hmH-Xt9wLQ8qjuYl5ocUocgeYrdYMm-LIXPAZy2Vy8x-1dQefn05C2o_R1iZRhM4pUllixM_zItMB3ZqB2urJ3zcMKISyeOwq7vH5b-1Gt_ZhHRWoHfjgfBSYYGSA42z0jvBUhK0W9N5Dxuj6mBL3bOhoePk9wMY1xC0ZYxsBNOBDoTBJNgObTf7uzGTEsUl6FZun2xiyQDXww5N2_r3t4GR-roNiW2-0k64TMj6HZXdVnTOYpAaBIR0vFc3SnbehjtxVt9XqDAEEagO0FPX9S0bDvDVy9qQ3j97hbmp-U5R0x8Uc3l0jJyQdx19Cea4xFHgfKXbmC-wkLwYw9y9gDDrkE3XYjoYD1VKMSyq9xVHD5rJa0B-mozSe-Wja2hEslXMofBRkTymEH2hwP-yder57utldLkXijWRVvsYIe7KevAebUTZ3AgVHYc9dJOiSH1EBp_N91--ORLEM-jQ73Xxj6kZoQeHac735bOMKwOOHwZTdpRY5Z2-rd0TiuDmVwrzCwS36FEwNd88dkOUkqINMMs9Y57_7fQN_0s-m5OAd2ukfQuzWXSGQsAHeOnWw7aHhMK2FHUPkLWe_glu-kG9V-Rp4mm2uJmEC-BG5_7JUWiOpUyDI7yWDLM0kKFfSSzIOC3rxsQfgD96YA7qDNC7Wb7A_lP9P0hFYTfT25nOlMA3knIwjzLUSR7y16dCZyYL6oIeQ2LfgM_XzNdHOw8KED6NmSZWHVwdV9B1HG743pxskx1rZAT3TA4EbnOEhDf0h-bfBM07NEIBSMkL0MJJvXwJ3kwWiJoa97cClmP4yGscTGJOwGWb6COY865qn77WSsXrCa6ZYLpGPR8zK3isVzQadTgWe38XeehOGghpaXD58SHIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9185 0
0 115ms
114ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=1222258527003720&bg=!7u2l7bnNAAZGOVy5Zjk7ADkAdvg8WiMeR86ZCnNrRn-P5IvqpPAePDW6uvBdqNrOFVjjeZoIJ-W4fmmNnl-tvRNPkmyopm1yy8ICAAADllIAAAALaAEHCgBuP6_wytgjkdH7zQESEBVxTSCvKkUk5EMiMFFxOcOIZfu5Sl_F1eEsFW43gE9UQ65oBVkhNnWHCXKMZ0mIiz3tlcRvff3xUPTs7j_jKQe8dy2YiEUPpPgG6TLkeG7QcP0THoKWpUTaiYMDtgm3QoeZAsC-wdZfsc28NowOSmexplxVpGCr5n9RpZKFFU9xp_KqYonoroalxhUwQH9DmplUFZ_QxZO2Biw9HKcRRTYvqxukcgAEYqYYMksksLufz_NG6dN7AeBiBjMrWOO4Nzxj6LmfvUoSklrkj6foL_5FIk7xrZw2hMdVYa3ClgwaPrOutAgz2_0jLAYRbcm7NcKFTP_F6ukuub805WFwfHeuR1TZxSAjqWft0GyOn9Y0DdkcDf_DL5eyJOYuyt7BdUohHmywJiGjQK3MbRuGjTY19Q4q52DafkQqVD_DJ9VZkjwWfCiKbQ8suiyuFhlgxEdFBqSWwE3RwRhjYPjijajtcCeGkDP8xJztobqzyu9QhI2gJViG1i_kuLWNEC9G_-Cefj6IVtxttsjU8xVRZcaNScSUY1btt4jhbfLQxpgE_sS0NKS25oUFQLWbyKXOtc9EzoZByBmaYypZ1hJ2Lgu8xgXTK6GMXUL2TrDdvpAPaxmURUErQPbJAalEVolwfdEWAmdZeqmHjRIeYR7mfqyibetPbkQyWEhxY3pBmvmzh2kY111F7kfC2M4-Acjhk92ADbnHHjGosFb34U5nXFkzrKswC-k84D2jyQPpyj0aD0fre8e4hYgF_kNO6-W7O6b1jqPNKNvXoUOIbSFEYATvS9J5JWM3ixSHuMEJT7lP67zdw0xim9dthxyPYzagkDgVBL_os7fNIGan1YU_9-UMZcMWazL89rJngoSxxOkvJSwd6YoYSt0njssYMmGBbWsnJuqQrgXvfVZkexeRbhd45PLp8hUC0YX2qEqNMCPoyTJmMqSxPL5yu2HR7q8v2912BPP_f30tfTqR92UMuXG0MlsnZjrmzQvTPp6e3b0shtf2eOAXuT-YDfxg5Ip3ihDNpVjed_VY7kEDHOYA9-abYTg7yO-ovJSmnftpxtBKnBlxIg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8A84 0
0 116ms
115ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307270101&jk=4225973394679695&bg=!xsWlxZHNAAZGOVy5Zjk7ADkAdvg8WtxJtDjl_lCkVEalmfRIYtjxqRKJ6GDiuuX7LJAKQD5ZHTJhT7FvWxnMNNs-sqmGRI5m77ICAAACLlIAAABPaAEHCgCYCgrYQGltGMkcWa6ZayT1HcYrFqbGq4F-oiHWC1ybWYmC94JQOlNYoXnaw5OtaLx8DIWUXiJaGAVPpLh5Ij89eJcTXtkBaIure5FzqHbVK18seBzsUvn4NgXW5UJvwgHTOqFBmHLL4Y-AuAWh_gcFV1siFS-8TGinAWPla1asWZsf64hvtY-j2KbRsxEg9je8bpAq9hI16TOZAsxGGWI2viAiQawBXLrnQkNonCNSlfwyjIGBwwFJoS-f9imJ1Wkplqpyao4fTGHGTl7JDTwep9SuRhi5ACv5AezhzUKQyYq2LNYky2AIYB7RvqbXKvo-0GDQfSeip39h_ReAleD6-GHlnBT8F5O71qGhP6UYh6OT-NrFlnSvtcO_Gvx6wxdaWyvdG2eC8F789kCyUwXQ5PoHmO5HggDhYKl33r6d3QlVrEeUX7wut0Zz1nzpysErrybXpi3NIKqJYJpjT0o1jgouldcxVIYxXHFw9GfZ-oFrsoAr8H14K51kpNgecKa-A9R2lBsTZYGZMBhNHb-eWFNO5rMOf_rmTCsEKiZiHzcixd51BbVprfvwRuEtHuQlk9NX5GRvZdRPkGdX6vWVBRKrOf--P7vVwJ2G4vF5bntQ64u8g52UYg-os0Glz9c-WBFYq-WmRV6_PMrt4tUmwLi5-M1Mv-MFVUMB6--9AVpQRplJrpwmrmxVmT0-aVQFP-EAgpn4-Pwmupr23CNRo86RNPFGKU6i0I9ngfiSy1ZdoGDmUJ9jxpy__TAQUWrUfs7KdkjOhkMMs58zoXtktChds9p3ecrZGSNRW3rgK72InWnf9Pt4XySKtVw_ksqtK-jOHKN_2lGCOMgkuv-CAil7O4T8S2mCJ80a_bmsko0AOA43w3ZsrzWjL4OfKDc6UsvrlkimkMpcroHkGO2MMyrdw15uxq2p1cCA1FupwTZ-2xFDH6yDENu1e-tuMKanDf-mYlxedQaVxfUaKtWbvscAGbnNXeUzQBu8pLMnvDEvI9wZQxlAlQ3wIQ02BeyaoSWta00oVIvq7fh2V1Y9oYJUOppUct8Z2XNu4rOtkwjiaL8D-R_X08W8JL_tUBF53IeivlnNCRc_vRUvFwQDVrnWyyZGX8mm461khAfeSfw44mpcDApT6nFZBPGXCiRx1Wd-UlFv4A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame C8F2 386 KB
123 KB 81ms
81ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 05:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10430
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 27 Jul 2024 05:02:45 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/ Frame A300 386 KB
123 KB 86ms
86ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/pubads_impl.js?cb=31076563

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0d83a13bb40d6bace904907c1739222ff3df6e756eb604738b0e84ed2069587a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 02:17:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20367
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125538
x-xss-protection: 0
server: cafe
etag: 13270015330606002998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 27 Jul 2024 02:17:08 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C8F2 27 KB
12 KB 233ms
232ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4378041022381985&correlator=4500675589510909&eid=31076565%2C44797786&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690530995502&lmt=1690530995&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=y6b394xyedr2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1689024945.1690530996&ga_sid=1690530996&ga_hid=139299325&ga_fc=false&dlt=1690530994537&idt=939

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6b88ac9514ab37c5a91d01e2309ee60bc9558bfe02d3538dc6728849b226db6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12021
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C8F2 15 KB
12 KB 127ms
127ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ac2dfbbac595b6cb7c426e22030c925f3e0eff8c21dd4c9d8282c3091497c0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11816
x-xss-protection: 0

GET
H2 200 container.html Show response
e4ec83603e4a5939a761387cabb89f07.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 822A 6 KB
3 KB 138ms
89ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e4ec83603e4a5939a761387cabb89f07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:35 GMT
expires: Sat, 27 Jul 2024 07:56:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A300 27 KB
12 KB 215ms
214ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3350170888162667&correlator=1612065969138135&eid=31076563%2C31075148&output=ldjh&gdfp_req=1&vrg=202307240102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690530995581&lmt=1690530995&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=yybdt244pc30&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=297620927.1690530996&ga_sid=1690530996&ga_hid=1229840764&ga_fc=false&dlt=1690530994484&idt=1068

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/pubads_impl.js?cb=31076563

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

15ddb2410190a2140dfbe609cc37f6927a5431e3676754eafdeb88b72ce3df8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12021
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A300 15 KB
11 KB 133ms
132ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307240102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/pubads_impl.js?cb=31076563

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f69f6c5a6dcf3d2921da464d405010268cefb182d77303cb3ce46d8f1aedde3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11689
x-xss-protection: 0

GET
H2 200 container.html Show response
5876284f9721bf646c3accbb52da788a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB0C 6 KB
3 KB 108ms
88ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5876284f9721bf646c3accbb52da788a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/pubads_impl.js?cb=31076563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:35 GMT
expires: Sat, 27 Jul 2024 07:56:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C8F2 17 KB
6 KB 95ms
94ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 07:56:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A300 17 KB
6 KB 125ms
109ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/pubads_impl.js?cb=31076563

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 07:56:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E76 0
0 123ms
120ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7XzviKTv8Rvr5afbz5UGq6mEib0xHQ6dIX-Whf_leVC27oJWyu3neSUrCMmf3s2O05_O6lMb5RCHjaFWMv0BPKRdv_peA1c_YdbkxJHSDdaiVAPUdaoZjymfgJAF-tqKmp5iHHj04G7K_nHaD91haCshKkaYNCabw6MiotXz_GFZmAWljAkXk7ETRziafhz62Jc3WpF0DfQfx9u28SMrrhUopqMcexyR4gmGQgCqeTeLxtXFOHDWtE3TRrPjSz4aMK0uMzx8fq2aaI9Cz0gRhL1iXa6QrQReUuPw_4zd2zx9FTwxBkAh37bfbQ-46tMQP0vSjBn7KeJ_nfJ0&sai=AMfl-YQk1VPztvtNt54mscG4Zs0t0FB0loTZgPsrZkO3Oco6jAu6XCZD0b5OhaY5KkRu5U3reNdVr_7xUH6cIcBVE4MTYgGME95JnB8quQ&sig=Cg0ArKJSzIYCrjeLbJSXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 5E76 31 KB
10 KB 56ms
55ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:49:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 43651
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 28 Jul 2023 19:49:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E76 179 KB
57 KB 281ms
98ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E9E2 13 KB
5 KB 98ms
94ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:38:30 GMT
expires: Sat, 27 Jul 2024 07:38:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED6B 783 B
535 B 103ms
101ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

4ca6031f63d30cda43203cbf27976e059226abab40694595dc8de443e2835f6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2SIFx-rNYMnCWnJ4NrPZCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-2SIFx-rNYMnCWnJ4NrPZCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:35 GMT
expires: Fri, 28 Jul 2023 07:56:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5EEF 0
0 131ms
128ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-UHznlV-tbAxgZcNS_GimztL3dcA7uRxO5z8x1RjoXbVtigPiz5ymaKhShSXY0MpYUu4MuqfEgZN20PkAI3uDhVn46UZYhqTa2yWyx1MjY8mHH9j5f-zSCkR7Jdagdw5tHFWQV7A2vQmh7tNdTdsDlZYnSNs83dVGFUINmBYELgugotiJg4rRvkkqahKm-rOUX1yBCzfKYfArw8RidFg-VxxWNv-KtUKrniLYhvrffIDG43KW6F5_A6whEk4UhhHq-Va5aClUMSOaJD5fJhJLRXflsVU_IpPF_PDJ9qGf58FsJOsrPlXlsGSNgWpcZ8Q-6uzm79GUHNr0deY&sai=AMfl-YTieoJaxm-yQBlgbMQTfsPB5dU44q4lfKH3e3ZqZbLQiZfLWHe_LXG0WdzF3LbR0iOM8VxRG0eq69SuvA1JPPOB46n8U7hTab_twg&sig=Cg0ArKJSzErWerH4hf2-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/dian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 5EEF 31 KB
10 KB 70ms
66ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/pubads_impl.js?cb=31076563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:49:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 43651
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 28 Jul 2023 19:49:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EEF 179 KB
56 KB 279ms
197ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307240102/pubads_impl.js?cb=31076563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E29 13 KB
5 KB 90ms
81ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:38:30 GMT
expires: Sat, 27 Jul 2024 07:38:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D281 783 B
535 B 105ms
97ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

906e35c49bb9aecd37ba4cff0b9a4341f3d4afd45b853fe9c4d2168e46b80f34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PxukE4hsUm9MS4tk7S-0lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-PxukE4hsUm9MS4tk7S-0lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:35 GMT
expires: Fri, 28 Jul 2023 07:56:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED6B 0
0 130ms
116ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=4378041022381985&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame E9E2 37 KB
14 KB 98ms
85ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 00:35:39 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E29 37 KB
14 KB 97ms
97ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 00:35:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D281 0
0 115ms
114ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307240102&jk=3350170888162667&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 5E76 80 KB
30 KB 300ms
102ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 97MAKDE78NDXF4CQ
age: 479
x-amz-server-side-encryption: AES256
x-amz-id-2: N3hFgoNZu/45Kv7ljRyKUSFVZWUdsUm/A4018BM/CdqsgoyRb6DO6AsRlrAmTbtcFUHO2ilu9tKsgwmuB6h8MblfPR/gX2ksN4NIOvUDU0k=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 5E76 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8af381e59edf9c5503ca57b32ca97802c48e4dcac83300b28fb51e9ba4102f74

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 5EEF 80 KB
30 KB 253ms
170ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 97MAKDE78NDXF4CQ
age: 479
x-amz-server-side-encryption: AES256
x-amz-id-2: N3hFgoNZu/45Kv7ljRyKUSFVZWUdsUm/A4018BM/CdqsgoyRb6DO6AsRlrAmTbtcFUHO2ilu9tKsgwmuB6h8MblfPR/gX2ksN4NIOvUDU0k=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 5EEF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d07c2d2db7a9c61e77b6967b9a65aa0767106ac15225adf30072bf05d38b7491

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E9E2 0
10 B 103ms
102ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qSg2vg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 5E76 290 B
624 B 395ms
108ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 28 Jul 2023 07:56:36 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: c6e827d0-1b47-4422-8f73-ef420efc505e

GET
H2 200 b
geo.yahoo.com/ Frame 5E76 43 B
96 B 318ms
101ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:37 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4E29 0
10 B 84ms
83ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Cnjysw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 b
geo.yahoo.com/ Frame 5EEF 43 B
367 B 281ms
89ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:37 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 5EEF 290 B
356 B 413ms
156ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 28 Jul 2023 07:56:36 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 19
x-xss-protection: 1; mode=block
x-request-id: 0c1c5212-2de5-4027-a414-1c9cb9fd0099

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 5E76
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

65ms
64ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13667
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olly6tNzfPYKuxA04LRx1O%2Bp2RVt6dlvaJXmIPWA73YhEt%2F3OV0LLgvuT%2FYVD63k1JQj%2Fp9PHEVqTRGSzWpM2qbDp00o00ByRhkiLk1YXRVAeVH6I1r%2FY0VOMI0W0yRy8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7edb910fb812489a-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 5EEF
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

56ms
55ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13667
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7b999LbSDvku%2F4KT2NAEssd6ozFXLoUZ1uBykzv8Q2N1WPAUZaFz92vwIN%2F1MFRfM%2BUpLYqLeBtcO5Z%2FGDVBc0a4ti4F0ZHptd2uQZPxldD8vpOmH1FyT370BcsMNePlqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7edb910fe8f9489a-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C8F2 0
0 117ms
114ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=4378041022381985&bg=!mpmlmc3NAAZGOVy5Zjk7ADkAdvg8WvuLST2JSGLA8tHwr5EQA-xQVy-xuoUMsva8oc4uZzvf-sAZfqEeLyy3UD2omfl-y7ybJNcCAAACx1IAAAAJaAEHmQL8HQZXa4P9-U-5CuJMq9pretWf0ermpeWsGx5clkFt3LalYhf8LR5lSBYrRlc0FcinBq-pUTmlts9i5-S8td4N3iNkhzYb96diiY93Y4FkhqG7JLA1ljGE1SP7Pdsr-AQ8wEq5NtFhDBvBkLo5TYDnBZHghwt5-kKUjPIU5cedNNxO_JqgVTir5QmxRI_m3qO8nH4zpOCJFcsrc151snCEgt3IE-cp5KVJMM_uIidwkt9rNV4p3V8foL_RabH9lY2ojbIGyP9WPnykoJ5B6HxgpEnuO6PEmLgN8NnJCnc8p98_nRnvuqdL3RfiALvQPbOWv-aLU3BN9Mp_gELHvHNbRwORHb_Nvpxjd9X5844Cc7pRqX8M1Hqwcs5eKbz65iQBp_-AcuP6J9WCv4dxtPPB91_-9fa_E09U4ewkJxEG9GC6qBRMzH_jIdqnA29AmO6IKA2Xx4-fi0AVY-NizoroXgKuMmP9yviQs8wPTzWkpDNB6_hIh6Ry_BrFaCI9IqX8BH43zqFF2yBpeHK6NwT8aeGDLcYn5M8M8Hph4b_7miEoS11NEa42UHso3o-uaHsZb9H_xZJVB8s46omALBy3ZOdjedV09G7Yz-lU1mdgP0_lRP1XENXXmZg7tFQ8Tg87aqHadzcgjJ9HvuSayaciwxGGOcl8GPtcVtCQBSpvib_18ePyr9XBCzf_dtCddFlPYDlxfyhYx0G-fm5ntIhXqHFNjndjZ5VYe7Cyxw3HGLSTDGY64NY7zMT5wCRmoUmLu-OFMj1pEdFbYQOANEC0mZbii0fgIKjAN_VpZET4NMeK9eBanXixZW3hKEbJ_M5Da6wcuVAihxYzy58UN4M4C80awTYw6--1mXXHyagD5QviTpjm7RX7plRdjlCFLlRwczaqi_Vv1dQiDDrzJVDfFAzTv_70wuoefJpg22T_r_ybEnfjritD0njVNl53jVZNdStMxdLL51taVJFP-bpvhKV-iF2S6Rg_hHi2OM5veFeRO6KRHxEVRrp4Lao
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A300 0
0 116ms
115ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307240102&jk=3350170888162667&bg=!enmleS3NAAZGOVy5Zjk7ADkAdvg8WpFtMniyePPQN7mn_QX38U4xD-IzzTwQqruRVKaoYH7bPRp0OeIuPodabNPQyF80ZRYa8IQCAAACqFIAAAAKaAEHCgBZdPKqmL2HOdMsjqLjdGV8xqBEvCFtHkIW9z-LQhBOW72MMEPbLG9wlZlzKhLmYOr1cld_7O9POQpwlxi-wPGdH3if4SJAJ64aMd6nuWi3CkARSw2LQh3TdRGZAwaaXo28gLjk1Ef6MPSIFe0Apu8omcskRNVHjqSYOyKq3YKEzMcPP0mtunXYJbYcd1DUCRjucTQKJu4x8VLfH8mPjSaqpYpGXqAZhH3aGMO2btjJh9XW0e2dSNGlpUMGW_18ZWpznN_5VAphe5EUODKelKCt9gyH6YeWkqdUoIP-Jaa_u1fWuTZhlEkYxVz-DNFv4oUBAeSO1-HaN-SpmusKPaog1_o4OBUdpQ1mgsKCZhFpbQtad9PIk-AhFgjyIyfSfjXQLcHibXW7ucd8vikuktitbKqEg1yjcI9vKaVrRajNvVknUiRpFIOFlpDMWBqXf-og2s_SIlquFs3fHgy70vBFpVXu4GaM-K1OPm5jX5vLRWOBdhMLgo0ZW1Ty-6rwgFWoY2CnV29RrqM4Mf5cMcp4Jt_Ag_S0bT60UcVct0eGCtJPPoKWnKg2jy1ow286_DO5GHsE1fDZgEO_E5jk2nSSQ8RqRgBB2HBig2vtgHcfO3Ja88iYPgpl2UGy5VUNoTX3r0-_6R-tVuURNHnRJk2ZajeJl0xUPDttt28p-zn1gLJ6lMXfpP5gzTsTr-zZh3lcN6qvcxLu6EZfh1_kmZ2JdMq5CczwD8zntI74u5-IcLqm_ijU9Pw6U7hVqsesiO-9-tzEE1TI8f-1-9dDTVQZsgw7nxfaOXVEshU2Qz9cyfRLqh6KvsSIAH7LLaRg3r77bNR6-IiduZGvBLuHqMEZKkQx3re60RJcCsCLG__Lw-bDtMSE0fFAne-Sjn8PW3WYlV9nkaRkAPXGSJCUwX2ztxk7KRmI6HYKoFAPk55jo9pIm4lBsppe9jzKF0t_Zubsb86axYLhR2bIBqS5XRsE6W7YoIiNoLz6qgnNjDWTLRJ_KOWQNxQonNDQEEGSwTNIUvu-09vY4MfmgjNaCyjkbXWtPTXK49I6pRDTCpw1ZzXi9B0EHL1S-sRadNwyMuxm9lV5SgPAx9zYL3Q044OV6kMxgMER9MuwZRRwusN0mmp1MbZ0UyIBn5XXj99BdkNQvJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 5E76 975 B
748 B 57ms
57ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13520
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuwAiV2%2FmaPNi%2Bqpa1q%2FB2l5T7%2B306wehHpN8AUmR73sPdhUr29sC26twet3HQ2jdN0yNKngBVmswcr8y1DdfKjcudpAkICLyd385w9KRreP7pvn0S3Rx169NmxOo%2Bsjaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7edb9110294a489a-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 5E76 638 B
1 KB 541ms
235ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.5854671541972316&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:38 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 8091c546-1893-3bfe-88d7-5c32cdad5f07
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E76 0
0 272ms
116ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstExHe1PdU5b7-cBYa3nH79POacwqrhRXEe1cOz70IxyabGS9ZcEPM0_mroaJXWgk3tmKheYQwA9QvW-GjIfalSuKnKfZH6V9ibOl17x4G3l3RFi2EFVodJy5GKV3Hdz82kFP4bM4e7ddmEmDO_OCcVahCpmMcrXkaK0uwt6qBaJl-gb4Tx8rcgy7R8ApiD_rATKu-_m4tI-zC84QsUdV6oNyHAiF7z93zr_Ak0NVbtkcJPKqgOMtUof_638IU6KjEAqjJGZPOKbOBgTqzBC8iI-2Ks4Faqj04wmv5CfWqEW3V0isSwRMZnc31u81ALhyQDAB9vrybyLdRZXcEe9w&sai=AMfl-YS1yRezDceH6zWGjGkG_2oRITHaWA_YXJZdnwLkAH1BfiQFPTc210ekojjwqD1vzy_eGHa4dlHEFsEsDv3svHWKoxi9ktwYeZrnCw&sig=Cg0ArKJSzKvfTRLQfHElEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Jul 2023 07:56:38 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 5EEF 975 B
756 B 55ms
55ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13520
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQs%2BAYFhciA664%2B27KxF%2BWJze4TCEuHWn2fK%2FiugG%2BbK%2Fk%2F%2FZssFriPWpnZFB8w7w0K0Z6wvS3r59PoBbGpXqhrSpOVvrDBh8hs4JelvEFXdQnHoHW3xbcfR0L2ZfS7C2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7edb9110da58489a-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 5EEF 638 B
1 KB 487ms
181ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9864286427143478&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 07:56:38 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 8091c546-1893-3bfe-88d7-5c32cdad5f07
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5EEF 0
0 193ms
114ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC_rWaVn6hAKL-U3Y5FIaDhFnZ88niOanZ7MM92M8VV3Qr6rAaeOmvSo2f_wSf6t_4gKdVsHW5UDU3ZWG6GBzF1pt7GxvEKtnD2ABGX6p7wKBX7EH-0rD1QYzxXNTnhbxyp0hnSeN8VcS4G2Zub4quTOmGM9_omrJMqMflgcg803hqAdoUL9DuaoeP_lFSScDB90MSYRUeijIuXh3-1QtO2UfqYN_U7fssGom_PluKUKhmc5bWgbj8aW-1GLYBfFJTaaPisJMjYmp3SdR3ftXETRYd_y0oiFJ-TahjzasgkI1XiOyoNE_5Me3bjD0uk4R2Fsz98orrO8M4ruKqQA&sai=AMfl-YR-kEz9KoPa_KnrosEWD2AnT7-OZZBir9koJ6yafYySY95RaMZ5AnIIIatEf1c3TNXYHZGfZtuAdpNNYuJPEkl2ijxAIvkjYqnIfg&sig=Cg0ArKJSzCYCBhXqnY7AEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Jul 2023 07:56:38 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
800 B 703ms
673ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690530997955&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1536&pt=-1903635602&tz=0&viewable=true&ddast=V8zTQCLAaoMV9cwS8u6BBQY764gl9c0CkAAABgYID-AEm5bIaNb7hb65abxVo08yzXwsFqspbYbBOXbzLZmGzGISApl82w8Q13a91ys1iLZp7lWjhYTdYSm23i8k0mG5PNOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8IqfD7tYYXW65w-6WuN4al93nlj6cbqnTLT263ELX060xOt0iv93nFj7dQtfD7nNLn26p0-F3Sx9Ot-jhdOsedrfm6HSLHX63zmX32YWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAFjl8BCvl9l1PYhcBonDafz7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAEBD6EXr3yZ2v8uIFNQWYQQAAAAgFzDh68gknaBiUeX__7_fCsAVAICAxM0_ZKIsuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR2gAASBNMEcWu5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WAwGYwszkWpt3I5DKONsvJcjQarkaD5W6zMcxmk-1xh-8ewTnKHOqzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEQzOTabJbTNyqwWK3Fu1Gi7XEtVq5NYPhargczlwOw8oten1MF4vH5rCMvEgwAG8vkqdFOpEsfIvZbDNaOHbDmW3mmu12k4XFtjDOVs6JY7iciCWak0U6kV32hc1gZnMsTLuRyWUcbZaT5Wg0XI0Gy91mY5jNJvvSzGSa7BYTt2qw2K1Fu9FiLXGtVm7NYLgaLoczl8OwcoteH9PF4rE5LCN_Y7YcrDaD5XC5b8yWg9VmsBwu9x06w3f1ORuVZZXko3L6_Obq2uY0KFwGi_f5vUhDO6PN6NN8JRbTRn0rSaxCv9_v9_v9fr_f792YDR6DwTDzaLeJscuv2fyUR433YFDEEsFFOhE8zG6H6eWW-Dwbv0UsUZou0ole4Rc5HXa3xuhyyx12t8T11rjsPrf04XRLnW7p0eUWup5ujdHpFvntPrfw6Ra6HnafW_p0S50Ov1v6cLpFD6db97C7NUenW-zwu3Uuu88uNL3NFrFEcLpIJ6KX8XRR_xFDDFdzxWQ4V86Vq1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJxGLi_v___8cBAACQkUMPAACAfh9QFgAAAAAAwD8AFWKtVqvbjbVaLQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: dc8e1425fe0fc94486b6244aba1ae560e580fa020509517d5e8d9438609192f2

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:38 GMT
content-encoding: gzip
server: nginx
machineid: 1490
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 00FF 144 KB
49 KB 134ms
133ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

74cb1aafe459174dbc658cdb0d88178779d749b26efca131534ca29c0d4e165b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50639
x-xss-protection: 0
server: cafe
etag: 5391694997485061193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:38 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 287B 144 KB
50 KB 204ms
203ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

7038c2efc6e8f59b2cb9a1c55ab77381ea63b43fdd68d973fb4c9b70a4f4757d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50653
x-xss-protection: 0
server: cafe
etag: 17102307419481596064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame 00FF 363 KB
124 KB 157ms
156ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3dbe22c7017913518391981705d8349cd28c0d57716435df67297770524e2a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127311
x-xss-protection: 0
server: cafe
etag: 15949645430790839861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame E41D 10 KB
5 KB 84ms
83ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 3049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:05:49 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 07:05:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 79ms
78ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=5323&cid=75662598.1690530994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690530993&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdian-che-nan-bu-ceng-zai-ji-zhe-hui-chi-dong-xi-huang-zi-jiao-zai-tai-wan-shi-lao-geng.html&dt=%E3%80%8C%E9%9B%BB%E8%BB%8A%E7%94%B7%E3%80%8D%E4%B8%8D%E6%9B%BE%E5%9C%A8%E8%A8%98%E8%80%85%E6%9C%83%E5%90%83%E6%9D%B1%E8%A5%BF%E3%80%80%E9%BB%83%E5%AD%90%E4%BD%BC%EF%BC%9A%E5%9C%A8%E8%87%BA%E7%81%A3%E6%98%AF%E8%80%81%E6%A2%97%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ Frame 287B 364 KB
125 KB 153ms
153ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com&bust=31076491

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b289bee88fe93efb62ba11fb9496f4da1f72ce7ee5dfe369c760cdc46637fbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127854
x-xss-protection: 0
server: cafe
etag: 6774261891389530914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 07:56:38 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5EEF 42 B
64 B 124ms
122ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTx6gVUl6FDTrgP-O7R_TSYys5SdtZPtjazrornk3JLEeRj4qCpPXTETajrwV6sFiqTXTFQKzBP4W6XaGV1kNDyky_w1VRRad3lRYQ6eWIP5XgMiYe&sig=Cg0ArKJSzNSO3LDcd7QlEAE&id=lidar2&mcvt=1004&p=0,0,250,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1911528252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690530995862&rpt=2084&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 07:56:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29EF 603 B
66 B 246ms
244ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782693&lmt=1690530999&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998646&bpp=6&bdt=766&idt=323&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=3382851952064&frm=8&ife=4&pv=2&ga_vid=1530646568.1690530999&ga_sid=1690530999&ga_hid=981620664&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4158074664&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076444%2C44788441&oid=2&pvsid=1747487317596306&tmod=198848231&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tjs5dh2p480g&fsb=1&dtd=377

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 00FF 15 KB
12 KB 131ms
130ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ae8e181913630654e73b2e23c1beeac135179b5dbab5d203f189f3804df0c28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11794
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAFB 603 B
66 B 267ms
263ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771307&pi=t.ma~as.9099904862&w=300&lmt=1690530999&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998646&bpp=3&bdt=766&idt=339&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3382851952064&frm=8&ife=4&pv=1&ga_vid=1530646568.1690530999&ga_sid=1690530999&ga_hid=981620664&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4158074664&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076444%2C44788441&oid=2&pvsid=1747487317596306&tmod=198848231&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.iq0i0s5vrpwe&fsb=1&dtd=434

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 898B 603 B
66 B 248ms
246ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1690530999&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998829&bpp=10&bdt=1002&idt=267&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&nras=1&correlator=529474552688&frm=8&ife=4&pv=2&ga_vid=500135206.1690530999&ga_sid=1690530999&ga_hid=1472079234&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3375910278&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076444%2C31076491%2C44788442%2C44797800&oid=2&pvsid=3175003955036800&tmod=1146283455&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.dqi6uxyi2n1t&fsb=1&dtd=316

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com&bust=31076491

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 287B 15 KB
11 KB 126ms
126ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

86414d355ef3290be0752412074d02b6dce3e41b2a5d628eb4395714105bf436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11615
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8492 603 B
66 B 281ms
280ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1690530999&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998829&bpp=4&bdt=1002&idt=276&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=529474552688&frm=8&ife=4&pv=1&ga_vid=500135206.1690530999&ga_sid=1690530999&ga_hid=1472079234&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3375910278&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076444%2C31076491%2C44788442%2C44797800&oid=2&pvsid=3175003955036800&tmod=1146283455&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.sxqgy634ek09&fsb=1&dtd=362

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 00FF 17 KB
6 KB 93ms
92ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 07:56:39 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
94 B 157ms
156ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 111
date: Fri, 28 Jul 2023 07:56:39 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 108872
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490035-LIS
pragma: no-cache
server: nginx
x-timer: S1690530999.238172,VS0,VE111
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 287B 17 KB
6 KB 93ms
92ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 07:56:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0CB6 13 KB
5 KB 90ms
87ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:38:30 GMT
expires: Sat, 27 Jul 2024 07:38:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FBB5 783 B
536 B 111ms
110ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

83a4002373160aaf7879c9562d8b67c155daaf3db94994db252428ea5287ff95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sKrDRy0WhJWf1ZRoQ89GYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-sKrDRy0WhJWf1ZRoQ89GYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:39 GMT
expires: Fri, 28 Jul 2023 07:56:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5DD2 13 KB
5 KB 134ms
93ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:38:30 GMT
expires: Sat, 27 Jul 2024 07:38:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 898B 783 B
535 B 129ms
105ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

8b9719ba4608ac34ab72e3e750869bb3c5eb82e8976b0eb8e52a2bb201d5bac8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uvwE6kPFhbeza5SXix2mqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-uvwE6kPFhbeza5SXix2mqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 07:56:39 GMT
expires: Fri, 28 Jul 2023 07:56:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FBB5 0
0 120ms
118ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=1747487317596306&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CB6 37 KB
14 KB 102ms
90ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 00:35:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 898B 0
0 114ms
113ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=3175003955036800&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DD2 37 KB
14 KB 80ms
80ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 00:35:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0CB6 0
10 B 81ms
80ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dVePoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5DD2 0
10 B 82ms
81ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?68BJ3A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:56:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/da2afcced71c4f3e5a22022d6c0c6d3f.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/24abe73165b5cf4d10c5dda8ca7b4ca0.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c3dab33269c8a5d6e1f5564ef0a0ff10.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/a797b8f26b5b1dfcd822bde94cf9408e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/dd6e7d7dff0b0d35266d46d46d323472.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/789c409b24a2191427e70a853db004e4.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/b3b92509ebfa123b9caca689cd662bce.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/24e40e85ab818bad083b51e7400ff72e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7a4efbba0ce915166476182464d42b07.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/a15f6b36618e2a05c45f9f8821003222.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e4aaabae2ebb04d9fd2eb111a01cf8a1.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/3b0b77b22fe390bfb5345e87a4d71b4b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e7db1caa08c672ac716ea28e1a307b0b.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c6cd42ccecb8f825582a782040fea0df.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/3e93a3331b22df6e36c0ca2a5102508a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2ed722b2c16f05a4fb398d6e1612deeb.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/cf4725d08015ae6434cd0166c7747382.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/6ad8e056650dc60fe109c8759a071b7e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/d7aa6add2a89d9f16ed01c22cc69454e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/4cfce270384a91ab26e9e441d7a0d0e8.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e651b034545f6f775e4434b66b5d5f5f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/d641c85e014e0993fcf683974523c15f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/195dd03d1da9a3ca7bcd1d92ada03ba3.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/4b4b660bdf46981ad823bf30909514fb.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c849650b0c3bddaeb917debe2de4b0df.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8660c1efe8a1493afd2bbd35ed5d397a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/3133c44daa010bf68acf86c16ea7db11.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/630418722b9f36a91e6ee853d5a3df67.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/b1b917a10eff123d66832aa742db0228.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/09339ad41791c03fac5839f8a5c84433.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/0206532dd219777e4cf6131148b14c72.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aralego.com/	1970-01-20 22:21:06	Name: sspid Value: 8091c546-1893-3bfe-88d7-5c32cdad5f07
www.bg3.co/	1970-01-20 22:21:06	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D4fd4271b-5017-4741-b55e-3085898fea0e-tuctbbcfa2d
.aralego.com/	1970-01-20 22:21:06	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:21:06	Name: gdpr Value: 1
.www.bg3.co/	1970-01-20 14:18:42	Name: _im_vid Value: 01H6DQZMC27D98NXS85KTHF77Z
.bg3.co/	1970-01-20 22:57:06	Name: __gads Value: ID=17bd525247af7834-229f876f3ede00e8:T=1690530992:RT=1690530992:S=ALNI_MaUgOKgLg6OtFZXJoIKgpZLdVY59A
.bg3.co/	1970-01-20 22:57:06	Name: __gpi Value: UID=00000d26b306cf4c:T=1690530992:RT=1690530992:S=ALNI_Mbul-evUHHLoi5p-z1dLE7826aSTw
.quantserve.com/	1970-01-20 23:05:45	Name: mc Value: 64c374b0-c7cf8-3d2c9-ddf2e
.bg3.co/	1970-01-20 22:59:59	Name: __qca Value: P0-2099627854-1690530992158
.id5-sync.com/	1970-01-20 13:35:31	Name: cf Value:
.id5-sync.com/	1970-01-20 13:35:31	Name: cip Value:
.id5-sync.com/	1970-01-20 13:35:31	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:35:31	Name: car Value:
.id5-sync.com/	1970-01-20 13:35:31	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:35:31	Name: callback Value:
.doubleclick.net/	1970-01-20 22:57:06	Name: IDE Value: AHWqTUlHxN6uoXavKVnw6chgpnhOMPcuVGEzy4vsqMQh4iCMjHjBiE2Es49cReGE0vU
.adform.net/	1970-01-20 14:20:09	Name: C Value: 1
.everesttech.net/	1970-01-20 22:21:06	Name: everest_g_v2 Value: g_surferid~ZMN0sQAA9uH_OgA4
.mxptint.net/	1970-01-20 23:11:30	Name: mxpim Value: R33646_10682D444_142A3B5EB.1.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064C374B1
.adform.net/	1970-01-20 15:01:54	Name: uid Value: 5386090009127793644
.amazon-adsystem.com/	1970-01-20 19:32:38	Name: ad-id Value: A6mqCowrAU1hgLFQeY-Gq0c
.amazon-adsystem.com/	1970-01-20 23:11:30	Name: ad-privacy Value: 0
.bg3.co/	1970-01-20 23:11:30	Name: _ga Value: GA1.1.75662598.1690530994
.bg3.co/	1970-01-20 23:11:30	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1690530993.1.0.1690530993.0.0.0

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/24e40e85ab818bad083b51e7400ff72e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e4aaabae2ebb04d9fd2eb111a01cf8a1.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7a4efbba0ce915166476182464d42b07.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/b3b92509ebfa123b9caca689cd662bce.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/3b0b77b22fe390bfb5345e87a4d71b4b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/c3dab33269c8a5d6e1f5564ef0a0ff10.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/a15f6b36618e2a05c45f9f8821003222.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/24abe73165b5cf4d10c5dda8ca7b4ca0.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/a797b8f26b5b1dfcd822bde94cf9408e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/dd6e7d7dff0b0d35266d46d46d323472.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/da2afcced71c4f3e5a22022d6c0c6d3f.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/789c409b24a2191427e70a853db004e4.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/3e93a3331b22df6e36c0ca2a5102508a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e7db1caa08c672ac716ea28e1a307b0b.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/6ad8e056650dc60fe109c8759a071b7e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/c6cd42ccecb8f825582a782040fea0df.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/cf4725d08015ae6434cd0166c7747382.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/d641c85e014e0993fcf683974523c15f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/4cfce270384a91ab26e9e441d7a0d0e8.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/4b4b660bdf46981ad823bf30909514fb.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e651b034545f6f775e4434b66b5d5f5f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/195dd03d1da9a3ca7bcd1d92ada03ba3.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2ed722b2c16f05a4fb398d6e1612deeb.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/c849650b0c3bddaeb917debe2de4b0df.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/d7aa6add2a89d9f16ed01c22cc69454e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/3133c44daa010bf68acf86c16ea7db11.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/630418722b9f36a91e6ee853d5a3df67.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8660c1efe8a1493afd2bbd35ed5d397a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/09339ad41791c03fac5839f8a5c84433.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/b1b917a10eff123d66832aa742db0228.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/0206532dd219777e4cf6131148b14c72.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvZGlhbi1jaGUtbmFuLWJ1LWNlbmctemFpLWppLXpoZS1odWktY2hpLWRvbmcteGktaHVhbmctemktamlhby16YWktdGFpLXdhbi1zaGktbGFvLWdlbmcuaHRtbA==.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782693&lmt=1690530999&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998646&bpp=6&bdt=766&idt=323&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=3382851952064&frm=8&ife=4&pv=2&ga_vid=1530646568.1690530999&ga_sid=1690530999&ga_hid=981620664&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4158074664&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076444%2C44788441&oid=2&pvsid=1747487317596306&tmod=198848231&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tjs5dh2p480g&fsb=1&dtd=377 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771307&pi=t.ma~as.9099904862&w=300&lmt=1690530999&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998646&bpp=3&bdt=766&idt=339&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3382851952064&frm=8&ife=4&pv=1&ga_vid=1530646568.1690530999&ga_sid=1690530999&ga_hid=981620664&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4158074664&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076444%2C44788441&oid=2&pvsid=1747487317596306&tmod=198848231&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.iq0i0s5vrpwe&fsb=1&dtd=434 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1690530999&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998829&bpp=10&bdt=1002&idt=267&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&nras=1&correlator=529474552688&frm=8&ife=4&pv=2&ga_vid=500135206.1690530999&ga_sid=1690530999&ga_hid=1472079234&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3375910278&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076444%2C31076491%2C44788442%2C44797800&oid=2&pvsid=3175003955036800&tmod=1146283455&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.dqi6uxyi2n1t&fsb=1&dtd=316 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1690530999&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690530998829&bpp=4&bdt=1002&idt=276&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=529474552688&frm=8&ife=4&pv=1&ga_vid=500135206.1690530999&ga_sid=1690530999&ga_hid=1472079234&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3375910278&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076444%2C31076491%2C44788442%2C44797800&oid=2&pvsid=3175003955036800&tmod=1146283455&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.sxqgy634ek09&fsb=1&dtd=362 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

34af83fa38bf7ee788efbd54580df25d.safeframe.googlesyndication.com
3636cf68a58022317761cb7d726f1fc3.safeframe.googlesyndication.com
5876284f9721bf646c3accbb52da788a.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
d-17574203392033144159.ampproject.net
delivery.adrecover.com
dmp.im-apps.net
e3.adpushup.com
e4ec83603e4a5939a761387cabb89f07.safeframe.googlesyndication.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
rbp.mxptint.net
region1.google-analytics.com
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
static.bg3.co
103.231.174.251
104.26.5.103
108.138.7.39
13.112.76.83
141.226.224.32
141.226.228.48
141.95.33.111
142.250.181.226
142.250.184.226
142.250.185.226
142.250.186.129
142.250.186.132
142.250.186.162
142.250.186.65
142.250.74.194
151.101.129.44
151.101.193.44
151.101.194.49
172.217.16.200
172.217.18.3
172.217.23.110
173.194.76.157
178.250.7.13
18.66.97.129
18.66.97.30
185.106.33.48
188.114.97.3
188.125.72.139
192.96.203.13
2.16.202.106
2.16.202.84
2.23.209.36
216.239.32.36
216.58.206.33
216.58.206.46
216.58.212.138
23.201.255.110
23.97.225.52
3.67.157.9
3.71.149.231
34.120.96.193
35.186.215.140
35.71.131.137
37.157.2.234
38.98.69.175
52.198.195.5
52.46.130.91
54.217.214.211
69.16.175.42
69.173.144.138
69.173.144.165
69.173.151.100
87.248.100.136
87.248.119.252
91.228.74.208
95.101.149.233
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
062bafda95d57d1a69cc213bea03e8aed89477c69187070091bf40bf1ae95896
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d52e28e2f00236047c1ae1e1b2b9cbf80687d8df9fa6c825bf4caaa526eabd4
0d83a13bb40d6bace904907c1739222ff3df6e756eb604738b0e84ed2069587a
0e3d8fefb06a49434922a615f2f6fc7693bf2d59c6cfca15aabb91a8f9aca7c1
0f697cfcbb582dde239ce9019e8bb34c8a404072697bb9f263e04970a2752c9a
0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
15ddb2410190a2140dfbe609cc37f6927a5431e3676754eafdeb88b72ce3df8b
16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0
17dc45b89e22364dfd448ad5faeb6d6c9f484803090a662a2256b42b4e1c3067
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18cad99145da5e69bbeacd00271491fd73ab6a9073141c0acd2ee0fe92aa6581
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2ade4279c3b32472f61c35484d70ba1cec2deea85e6061832e6998dfad85e85c
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2dd0e8ef48f516bb1a89fb09bae7538cec2367bd467b174e8efcb1434b0829b7
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3dbe22c7017913518391981705d8349cd28c0d57716435df67297770524e2a14
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e
458ba574ef845a0859bcc625447ee7dddf683cbb650b7054db0e5ce9ccaa397b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c72a836b84a634d453a61083ef8ab26c4558ba4b310fdb4df1e86ddef6b2fbd
4ca6031f63d30cda43203cbf27976e059226abab40694595dc8de443e2835f6b
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de
554f41c382c558ca5515d29a6ae43ca483e4f8b4277293f825e3aea1efb03380
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5710f1610a5dda4b819f30d9879c84aac2037793c887e032d3f6e5567ceb8bd9
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806
5f9e2d42205b6a1c720cd33802edbad14351854bc4425726a291e9baed286a6f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
63a967b93b2109c0f1dcca44b33372c903a5c9e89078c77dbe63201f2e25f064
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
69c8559f4399f451bc7c3c665d97161da5acf97cd8ffe01bd3385cd99680a263
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b88ac9514ab37c5a91d01e2309ee60bc9558bfe02d3538dc6728849b226db6f
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
7038c2efc6e8f59b2cb9a1c55ab77381ea63b43fdd68d973fb4c9b70a4f4757d
74cb1aafe459174dbc658cdb0d88178779d749b26efca131534ca29c0d4e165b
7a1f7a33deedb31111130c0fcf52be41ff6b6f65838e4e703c498da5a81ec783
7cc59e52318d6234984dd40fe0edc2d6aef660deea0c3f69e0ac8a0673a1e892
7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
82553f601ea713da610c2b325127155eedda1b37f7ff357865da34c6af90d175
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a4002373160aaf7879c9562d8b67c155daaf3db94994db252428ea5287ff95
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86195014b2476ea609c147c86ffca7082fb59d5c2cd9d1d67f8706b93ec5164e
86414d355ef3290be0752412074d02b6dce3e41b2a5d628eb4395714105bf436
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88ab21e289f6b12fa17c748580a8823c07858448b4280886b3b80f048b04e888
8a4548871347cb4749b2f4c307a836d7c9fa46726d9bc86833d69cebd876d9f4
8af381e59edf9c5503ca57b32ca97802c48e4dcac83300b28fb51e9ba4102f74
8b9719ba4608ac34ab72e3e750869bb3c5eb82e8976b0eb8e52a2bb201d5bac8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2d4d6871a5a05023fdf05b6dd03f32c7c535278ec7a332ae8d9a0fe1e701ac
906e35c49bb9aecd37ba4cff0b9a4341f3d4afd45b853fe9c4d2168e46b80f34
91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656
9cab80f65f6d17fae9f2d787523ea7e4812c65feb9bdce929e95e7db1830d45f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a483647e3045f6f8835b3cba32fde7c4a51d45be87661f5b74a0a4277e6af7fb
a882544fff30a3e86450eac4425ef6dfe9122cad7102e7e78464059d162adb6e
ac2dfbbac595b6cb7c426e22030c925f3e0eff8c21dd4c9d8282c3091497c0bd
ae8e181913630654e73b2e23c1beeac135179b5dbab5d203f189f3804df0c28a
af97598b65e8f7e7ad63df2bb8d9762c9fb7c66b66590ba583c9f8c119861338
b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b289bee88fe93efb62ba11fb9496f4da1f72ce7ee5dfe369c760cdc46637fbb9
b3d3524cbd38b9e98fc312d3aa6db8ee6cc873ba13332dab5bf8fa68033f347a
b5873f5ac42a0c27f204fc3ca01661c07a28c52b1f8ceb145746644ebe637360
b5c6d926f7496146d50267eff74dd0e84b73f8067168d91d2cbd55ec3144c0d0
b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60
b99080be19b1771bb388ab914d411fde8fd4e16932a677e59e54e4b4b39cc442
b99de2e4c121d06c1569852abd5e4bdaf0fcb229411b60ae9e672d0fbe0a7797
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39
bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf
bea31d82a530e0029178c357c553cf13aba4df2fd7390900d27eb77975740d02
bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5
c40f08f999ff27a8f1f2e103bd5af61ca359f0616e50dbe24ceba81a8dc07ac9
c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed
c7fc5c7970811d820cc499b1b5374169498bf4028dab50d97422c7fb4ed325dc
c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7
ca66d86191935dda4bb067804600ef739a1ce8b11616cccd179b66a2292dcb67
ce2ec197c890c8cf716efd768385a53dbfd521e6c0aa69070d7b8c1bc0c28c31
cf90fafe87467629de54d30ad2a7aa91d751f4aa2e734d20c0f4d5211455fcba
cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2
d07c2d2db7a9c61e77b6967b9a65aa0767106ac15225adf30072bf05d38b7491
d644b30cc2f464aea3f2c02180358ee4e5bb22746ee2e7c0c4553d77b218dc20
dc8e1425fe0fc94486b6244aba1ae560e580fa020509517d5e8d9438609192f2
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e10848ecb4adcd9460f3c1bcfc2c37c7d1295f011689c32b653d8d5ff236debd
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f79f1bbbb0546c60a65cd629390650c7aa72c2bcde35afedd56d17e67e4bef
e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d
e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0480aee6ade54e46905f153d6ca4b745ba051d3bd1537a35f742b2a6fbe3c91
f0c97ab0daa9af4b262156bc3e5a582fb3dec1089f5f80ad152edf76d0faff43
f16cedf75f46cac5cee8a1c5fae7f805cb69c6b7da7c296991b65d696efc77ac
f33777cb2183d118634bcb77f2e7e674ae85791c9cc84a5d75f2c529571f9c87
f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f69f6c5a6dcf3d2921da464d405010268cefb182d77303cb3ce46d8f1aedde3e
f77d26df1da4213e00ab9df87a2d3a51078f94f48a6b0c40ba04d443c52d1ff7
f8dbd72cc88c7ee72b42558cb44b329918df9d7a1f1856bda43e1199b7582e8f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb9538cadd0dab9bd0b70439b417107105d6d3b34bc92eb6e35612f23f1a7c1e
fd91ea8a8c3e60d59973f9f9c8c1cd40f787f6526ca364c241b156f982dae6da
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fff39df7f06cbc608ac47d0faf67d7953d2281a4164f3b4d6a231b2cd1a5019f

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

310 Requests

86 %HTTPS

0 %IPv6

36 Domains

72 Subdomains

53 IPs

10 Countries

4048 kBTransfer

12060 kBSize

24 Cookies

13 Outgoing links

Redirected requests

310 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

310
Requests

86 %
HTTPS

0 %
IPv6

36
Domains

72
Subdomains

53
IPs

10
Countries

4048 kB
Transfer

12060 kB
Size

24
Cookies

310 HTTP transactions
3 data transactions