www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Submission: On July 19 via manual (July 19th 2023, 4:01:21 pm UTC) from US — Scanned from PT

Summary HTTP 295 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 39 domains to perform 295 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
1 6	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
10	104.26.4.103 104.26.4.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.16.202.113 2.16.202.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.16.202.84 2.16.202.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
40	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	52.196.246.135 52.196.246.135	16509 (AMAZON-02) (AMAZON-02)
39	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 6	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
16	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
17	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	23.2.229.193 23.2.229.193	16625 (AKAMAI-AS) (AKAMAI-AS)
8	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	91.228.74.200 91.228.74.200	16509 (AMAZON-02) (AMAZON-02)
2	2.16.110.91 2.16.110.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.84.9.128 99.84.9.128	16509 (AMAZON-02) (AMAZON-02)
1	172.64.136.31 172.64.136.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
2	54.178.5.175 54.178.5.175	16509 (AMAZON-02) (AMAZON-02)
1	18.244.140.4 18.244.140.4	16509 (AMAZON-02) (AMAZON-02)
4	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	54.76.240.16 54.76.240.16	16509 (AMAZON-02) (AMAZON-02)
2	18.156.56.38 18.156.56.38	16509 (AMAZON-02) (AMAZON-02)
1	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
2	3.233.144.250 3.233.144.250	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	99.86.91.52 99.86.91.52	16509 (AMAZON-02) (AMAZON-02)
22	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
7	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	87.248.119.252 87.248.119.252	() ()
3 4	142.250.74.194 142.250.74.194	() ()
2 4	185.80.39.216 185.80.39.216	() ()
3 4	185.89.210.101 185.89.210.101	() ()
1	87.248.100.136 87.248.100.136	() ()
1	188.125.72.139 188.125.72.139	() ()
1	78.46.90.238 78.46.90.238	() ()
1 3	138.201.63.145 138.201.63.145	() ()
295	57

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.26.4.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.202.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-113.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.202.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-84.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.196.246.135 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-246-135.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.210.196.208 (Ashburn, United States) 3 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

d-24802988192338826907.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.2.229.193 (Schiphol, Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-229-193.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.110.91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-110-91.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.9.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-9-128.lhr62.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.136.31 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.178.5.175 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-5-175.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.140.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-140-4.lhr50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.240.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-240-16.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.56.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-56-38.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

55e02c381a10dba6b2cdc4dc067dd5ef.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c530924f8cfb7cf1da69d007a66b5bc0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
98cd7532ad41db1a17570566097a5e7c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.144.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-144-250.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.91.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-52.cdg50.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.119.252 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (None, ) 2 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.100.136 (None, )

ASN- ()

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.72.139 (None, )

ASN- ()

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.90.238 (None, )

ASN- ()

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.145 (None, ) 1 redirects

ASN- ()

hal900010.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 848 trc.taboola.com — Cisco Umbrella Rank: 608 trc-events.taboola.com — Cisco Umbrella Rank: 1870 vidstat.taboola.com — Cisco Umbrella Rank: 2612 il-trc-events.taboola.com — Cisco Umbrella Rank: 19408 images.taboola.com — Cisco Umbrella Rank: 1818 imprammp.taboola.com — Cisco Umbrella Rank: 12804 am-vid-events.taboola.com — Cisco Umbrella Rank: 12146 am-match.taboola.com — Cisco Umbrella Rank: 12807 wf.taboola.com — Cisco Umbrella Rank: 2751 vidstatb.taboola.com — Cisco Umbrella Rank: 4890 pips.taboola.com — Cisco Umbrella Rank: 1561 cds.taboola.com — Cisco Umbrella Rank: 1767 am-wf.taboola.com	1 MB
66	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 55e02c381a10dba6b2cdc4dc067dd5ef.safeframe.googlesyndication.com c530924f8cfb7cf1da69d007a66b5bc0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153 98cd7532ad41db1a17570566097a5e7c.safeframe.googlesyndication.com d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com	796 KB
27	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net	800 KB
17	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1142 eus.rubiconproject.com — Cisco Umbrella Rank: 631 token.rubiconproject.com — Cisco Umbrella Rank: 626 pixel.rubiconproject.com — Cisco Umbrella Rank: 382 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 32175	46 KB
12	aralego.com 4 redirects ads.aralego.com — Cisco Umbrella Rank: 37209 sync.aralego.com — Cisco Umbrella Rank: 3052 agent.aralego.com — Cisco Umbrella Rank: 288707	8 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1723 adservice.google.com — Cisco Umbrella Rank: 117 www.google.com — Cisco Umbrella Rank: 3	14 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 395	220 KB
10	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13341	163 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 16991 e3.adpushup.com — Cisco Umbrella Rank: 18137	255 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56 region1.google-analytics.com — Cisco Umbrella Rank: 1771	887 B
5	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461 ads.yap.yahoo.com geo.yahoo.com	2 KB
4	redintelligence.net 1 redirects hal9000.redintelligence.net hal900010.redintelligence.net	10 KB
4	adnxs.com 3 redirects ib.adnxs.com	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
3	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 103260	30 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	793 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 69708 sync.logly.co.jp — Cisco Umbrella Rank: 74897	2 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26526 audiencedata.im-apps.net — Cisco Umbrella Rank: 28958	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	113 KB
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 555486	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1150	918 B
2	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10921	505 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 346	291 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	83 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1226 pixel.quantserve.com — Cisco Umbrella Rank: 919	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 710	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 27494	12 KB
1	yimg.com s.yimg.com	30 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1160	634 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 19539	3 KB
1	ampproject.net d-24802988192338826907.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 425	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 107113	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	19 KB
0	adform.net Failed c1.adform.net Failed
0	simpli.fi Failed um.simpli.fi Failed
0	w55c.net Failed pm.w55c.net Failed
0	contentspread.net Failed cdn.contentspread.net Failed
295	39

	Domain	Requested by
39	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com agent.aralego.com www.googletagservices.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bg3.co d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com googleads.g.doubleclick.net
17	il-trc-events.taboola.com	www.bg3.co cdn.taboola.com
16	securepubads.g.doubleclick.net	cdn.adpushup.com cdn.aralego.net securepubads.g.doubleclick.net agent.aralego.com www.bg3.co www.googletagservices.com
16	cdn.taboola.com	www.bg3.co cdn.taboola.com
13	images.taboola.com	www.bg3.co
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
8	eus.rubiconproject.com	ads.aralego.com nt.compass-fit.jp eus.rubiconproject.com am-match.taboola.com
7	www.google.com	tpc.googlesyndication.com d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com pagead2.googlesyndication.com
6	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
4	token.rubiconproject.com	eus.rubiconproject.com
4	www.google-analytics.com	www.bg3.co cdn.ampproject.org
3	hal900010.redintelligence.net	1 redirects d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com hal900010.redintelligence.net
3	am-wf.taboola.com	vidstat.taboola.com
3	agent.aralego.com	3 redirects
3	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	adservice.google.com	cdn.ampproject.org pagead2.googlesyndication.com
3	sync.aralego.com	ads.aralego.com www.bg3.co
3	trc.taboola.com	cdn.taboola.com
2	www.googletagservices.com	securepubads.g.doubleclick.net d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
2	d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	http-intake.logs.datadoghq.com	cdn.adpushup.com
2	x.bidswitch.net	imprammp.taboola.com am-match.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	am-vid-events.taboola.com	www.bg3.co
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	cdn.adpushup.com delivery.adrecover.com
2	delivery.adrecover.com	www.bg3.co
1	hal9000.redintelligence.net	d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
1	geo.yahoo.com	adx.holmesmind.com
1	ads.yap.yahoo.com	s.yimg.com
1	s.yimg.com	ad.sitemaji.com
1	98cd7532ad41db1a17570566097a5e7c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	vidstatb.taboola.com	www.bg3.co
1	pixel.rubiconproject.com	eus.rubiconproject.com
1	pixel.quantserve.com	www.bg3.co
1	c530924f8cfb7cf1da69d007a66b5bc0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	audiencedata.im-apps.net	dmp.im-apps.net
1	55e02c381a10dba6b2cdc4dc067dd5ef.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	cdn.ampproject.org
1	rules.quantcount.com	secure.quantserve.com
1	imprammp.taboola.com	vidstat.taboola.com
1	fonts.googleapis.com	cdn.taboola.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	l.logly.co.jp	nt.compass-fit.jp
1	secure.quantserve.com	cdn.adpushup.com
1	d-24802988192338826907.ampproject.net	cdn.ampproject.org
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	trc-events.taboola.com	cdn.taboola.com
1	gum.criteo.com	cdn.taboola.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	c1.adform.net Failed	d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
0	um.simpli.fi Failed	d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
0	pm.w55c.net Failed	d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
0	cdn.contentspread.net Failed	hal900010.redintelligence.net
0	static.bg3.co Failed	www.bg3.co
295	77

This site contains links to these domains. Also see Links.

Domain
1t5cbr.llsdzktnxwnnr.com
popup.taboola.com
mrwvhw.dmtrlsng.com
trcclick.com
trc.taboola.com
4d3868.llsdzktnxwnnr.com
2ab710.zbrjtstrclnm.com
n33w2m.llsdzktnxwnnr.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh

This page contains 44 frames:

Primary Page: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Frame ID: 2DBFC0289FEAA8F34601879D40D8F68F
Requests: 136 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 66F1C1FC8CDD438F43D6037DFAEA04EA
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 48E74641160B43690F6602F7FE8A41CD
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1B5923E7993C36BE613F38E059D7900B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: C673CD16D86207963DD6261C985D5202
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 555A504F0F7B2AD948EFF885CFE53EAE
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0FC487EC66A5225A32D9454C515F4B4F
Requests: 7 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 15366ADC14ACA12D1CFF840D5D0296EF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 33652C7A297890826A26C904E2E5AF65
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=undefined&cb=1689782464241&uv=139332442&tms=1689782464241&abt=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vD!ul139332-442_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bc68c444-e685-48f7-9707-167fbd16b84b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 50ED8522F79124668BB91CF962C8A28C
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: AC354FC2058D753BBC9D6DE63FAD6124
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 192595971A0706939E82726F1E7794E6
Requests: 3 HTTP requests in this frame

Frame: https://55e02c381a10dba6b2cdc4dc067dd5ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0AD4EF9FE97064059B3B0A94B01720BC
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 3043C1147EA7973E005987E91B150AC3
Requests: 5 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: DC8F97D6FDDAF43829047F751CF4453E
Requests: 5 HTTP requests in this frame

Frame: https://c530924f8cfb7cf1da69d007a66b5bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 880B54AF19514264666E8E75775AFB7F
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 95F6919BFA4599C5487D2D88F61C442C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1496485448990089475&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2822&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=26317005857&ga_cid=amp--Px2W6jhe3xns1l7guWNZw&ga_hid=5857&dt=1689782464270&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&bdt=3243&dtd=39&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: F72E59A8699FDF4D0A58AA5E262D0994
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B26F4DD3DD0FBBAE506A99AFCC6E29C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8C4EF48765198B7EC7A39F82EEE9A27
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8DBC9088E7D8FA14399427DC4B94668
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F244E6CBD4A6DFFB14D8F7D643680907
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 04D2D8AB2883242DA9213B0FBD8D2E0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1FD138FE71250537633AFA0E800EADF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE01DF1A8538EAA300950204612D4AAF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 778E0BB3CB0B811622DF0999F0042E6C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 13772DA6E126AD9198CDF6804B57A850
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A46EB7C51DD890EA05E024645EF22071
Requests: 6 HTTP requests in this frame

Frame: https://98cd7532ad41db1a17570566097a5e7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: C21320BEB958DEE436844BD84AFBF551
Requests: 1 HTTP requests in this frame

Frame: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 35AE9B9DDF5A88AB48F2C6384067FD59
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcC6xjvAZ4U2ND8u2OhtBa8_MF23ntvPq3lHNkWm4QIq5XU1DNig9FPoizO-Y0gJL4QkqeettGWbdH_RprUoM7_6gW3op5pbTZj5lhr2p7bJTGxIthexrserJ3oO5UauUYw_yDUJTqGAGHnuWJaL3WuNK1mke07Bzuj10fyI4uwH1jJqhgqUELJIO51u4sIFYOsTa0dB59ouQm5bQVZXlNtboB0s9wFc3_HoNWEeyKak_Pl44ITvniNjXOo9C_JqGc0JpiWgqPfmuMSCi4-ppz_vLJtpS3s_jVN8SQGQ5MkiCmOYD6xHeAowAmhf-ETh07cAu1tLpI--hu_Co&sai=AMfl-YQyv81D15YSfXp9v4oKI24pLkABAuTL7PSm8N0luXLXHPjU-OTpLToWacEViNYV8tEBBze9daCtPJhtGs76Fwj0PZx86oov6SvELw&sig=Cg0ArKJSzMIUXbVelaSJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2A713A06EF819947BEBD964385DA33F7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE476BD8158F9593552A71DE01FEA7DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99C4B9BC8DBE523EE9398B10E8AF429D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 688A3E801A2FD9CEACFD1F79B1FE5CBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C41EC211C994D50795556B62ED0ABC3C
Requests: 2 HTTP requests in this frame

Frame: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 0335A723E6AB3B10463CFB6B3A57D662
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjUqdDGATAB&v=APEucNXGobxgzb02sReMgQD3KOysYSt0T2iPrwtAd-tc0GYvijaEOTpFM-APMLOTP163orP5lVdgNbHY1s1FOz9gpqpmjMgnAbObNyyGTflFSwxl2IGgy20Ox0RTecdt_InaUhwiraYOiAMvmg8A517GN0iqskJ6bE_bqKnYoi4hqqBfAO3qeTc
Frame ID: 90FF1668F9A5AB9C220B5EF55F6DF637
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 341FA5DD9E7B63B099B209B232F58CEF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 28AF65A353D371EF405C6D2B4EB25280
Requests: 4 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=60781300093480204452098012390010&a=516e3626
Frame ID: 9159C84FB1A14DDEF350CAD7BDB9C6CD
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8A73D062EB8019458B362241AF84D4CA
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/zrt_lookup.html
Frame ID: ACDEDCA740648C8A588447F071C140FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782693&lmt=1689782478&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689782476803&bpp=11&bdt=1848&idt=1179&shv=r20230718&mjsv=m202307130102&ptt=9&saldr=aa&nras=1&correlator=2699358671795&frm=8&ife=4&pv=2&ga_vid=529658434.1689782478&ga_sid=1689782478&ga_hid=1055743509&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3709938080&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44788442&oid=2&pvsid=4467480504660890&tmod=1963056738&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.u64m9axkcnc6&fsb=1&dtd=1239
Frame ID: BEA831ED691A77FF8482BD24B290E84E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771307&pi=t.ma~as.9099904862&w=300&lmt=1689782478&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689782476803&bpp=5&bdt=1848&idt=1190&shv=r20230718&mjsv=m202307130102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2699358671795&frm=8&ife=4&pv=1&ga_vid=529658434.1689782478&ga_sid=1689782478&ga_hid=1055743509&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3709938080&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44788442&oid=2&pvsid=4467480504660890&tmod=1963056738&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eajfgwic9hcy&fsb=1&dtd=1348
Frame ID: 24E75612A2D4F95A8E1E2DFB596B2A63
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

一“芯”難求蘋果警告：iPhone用半導體吃緊汽車企業集體減產 - 天天要聞

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

295
Requests

89 %
HTTPS

0 %
IPv6

39
Domains

77
Subdomains

57
IPs

10
Countries

3735 kB
Transfer

11241 kB
Size

12
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://1t5cbr.llsdzktnxwnnr.com/
Title: Carros elétricos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://mrwvhw.dmtrlsng.com/
Title: Carros à Venda | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trcclick.com/click.php
Title: Elevador de Escada | Anúncios de Pesquisa

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&ri=9fdc4abb9114bd948d08dacb27c827b4&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&it=text&ii=~~V1~~8299596537596364017~~8BAC0qL0XWdBTuxWWthqxelz75CZgqUpDwxMYAADGoT6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKIEkboF226WcFt2DvAQWImZ8VhSaLe2XE35x_4AG7G7nv0rNe8glriuRMmo64wRawVIADargjYHu2iV4jaefIm9zwBwbVzqx5qDQAj-sfT0DkH-oNqmIUQEhnVjGPZwuj1Y1turI9NGiq4DGPkrIur_5xFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=7e8ad4b4f00a0204cc86a84b6f202ff07df2868c97cc&redir=https%3A%2F%2Ftrcclick.com%2Fclick.php%3Fkey%3Dbhm9j4wo07st8pwz1byy%26visitor_id%3DGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyCd2Fwoh87gq5iHt_GJAQ%26site_id%3D1524057%26site%3Dpalmate-bg3co%26site_domain%3Dbg3.co%26thumbnail%3Dthumbnail%26campaign_id%3D25892070%26campaign_item_id%3D3704563505%26visit_id%3DGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyCd2Fwoh87gq5iHt_GJAQ%26title%3DBraga%2B-%2BOs%2Belevadores%2Bde%2Bescada%2Bpodem%2Bser%2Bum%2Bsonho%2Brealizado%2Bpara%2Bos%2Bidosos%26utm_source%3DTaboola%26tbid%3D1234567%26tblci%3DGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyCd2Fwoh87gq5iHt_GJAQ%23tblciGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyCd2Fwoh87gq5iHt_GJAQ&vi=1689782462172&p=dantasmlimited-stairlifts-sc&r=47&lti=cta_maxwidth_ctrl&ppb=CLME&cpb=EhMyMDIzMDcxNy0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNjA4gODr3wVAhNQMSMnUDFD069gDWP___________wFjCNcWENUfGCNkYwjhIBDDLBgHZGMI0gMQ4AYYCGRjCPf__________wEQ9___________ARgJZGMI1kgQgmAYCmRjCKQnEIo1GC9kYwjQNxCOUxgwZGMI9T8QglUYMmRjCNpEEPdaGBNkYwi1NRCmRxg1ZGMIlhQQnxwYGGRjCINJEL1gGDhkYwj_RhDvXRgdZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBu86I95Yx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://4d3868.llsdzktnxwnnr.com/
Title: Elevador de escada | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://2ab710.zbrjtstrclnm.com/
Title: Liquidação de sofás | Links patrocinados

Search URL Search Domain Scan URL

URL: https://n33w2m.llsdzktnxwnnr.com/
Title: Anti-envelhecimento | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&ri=bfb21d07b5824a9242ed4834dd7f5ae6&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&it=text&ii=~~V1~~4675393292819241819~~aBqQgyqMMTS2oor6de4PBTmDIhBNHujiJLZeKY80bf_6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQW0OKu3VbaFI1uOBK2OWbXOhlo6TqWritVMGNgX6wrCus8nkvilqDooLAe1HKDwTL8eF7DlpaKqURSZ8EWZlZVwTfYGrgdt89DcQmKRCk85H2fjxRl8kko-htcJLMmzeokL7iGWlzm6lHsottHq7aGKztmEgfwuzs6rMBgnUMeiYuVguSiF4uU_Owid1Lk8lw-8QB7hD-RSAXk0xZfnjgcXdddkQtCuRMRAAjBtDz7YCbEdDoz3kuh7J2D6hgBlQo1iLGx_c5ia-9w9lGViw3h1cLLLut7UZ69ZG0YkadufThMyb6u9JF1WBpAvc3del4I8_KGMd_sCuoxrUsO_ISqUe3DuEKSIKbr0wgJ0p1w7pF1uDCUl2erKuhM8RA00Sfe3jyz1HUcJqIVWlWmOFfRCDQ_ZFot0aNggW-PdKm3FIxdF8sMHW4qkQLk4nHC0Rq&pt=text&li=rbox-t2v&sig=21da303dc94331572c3cede261b28f2f6dd285be6b08&redir=https%3A%2F%2Fn33w2m.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DOs%2Bmelhores%2Bcremes%2Bantienvelhecimento%2B2023%253A%2Bo%2Branking%2Bvai%2Bte%2Bsurpreender%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyDgh18o3uPooNrQ8szKAQ%26subid4%3Drr-pt-a-anag3pt-445748-e2805-tb%26kw1%3DOs%2BMelhores%2BCremes%2BAnti-Envelhecimento%2BDe%2BBaixo%2BCusto%2BPortugal%2B2023%26kw2%3D%7BCity%7D%3A%2BOs%2BMelhores%2BCremes%2BAnti-Envelhecimento%2BDe%2BBaixo%2BCusto%2BPortugal%2B2023%26kw3%3DMelhor%2Bpre%C3%A7o%2Bcremes%2Bantienvelhecimento%26kw4%3DCremes%2Bantienvelhecimento%2Bcom%2Bpre%C3%A7os%2Bacess%C3%ADveis%26kw5%3DProdutos%2Bantienvelhecimento%2Bem%2Bconta%2BPre%C3%A7os%26kw6%3DMelhores%2Bop%C3%A7%C3%B5es%2Bantienvelhecimento%2BPortugal%2B2023%26kw7%3DTop%2Bcremes%2Bantienvelhecimento%2BEm%2B2023%26kw8%3DCremes%2Bantienvelhecimento%2Brecomendados%23tblciGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyDgh18o3uPooNrQ8szKAQ&vi=1689782462172&p=mmosworld-gazebo-sc&r=13&lti=cta_maxwidth_ctrl&ppb=CBw&cpb=EhMyMDIzMDcxNy0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNjA4gODr3wVAhNQMSMnUDFD069gDWP___________wFjCNcWENUfGCNkYwjhIBDDLBgHZGMI0gMQ4AYYCGRjCPf__________wEQ9___________ARgJZGMI1kgQgmAYCmRjCKQnEIo1GC9kYwjQNxCOUxgwZGMI9T8QglUYMmRjCNpEEPdaGBNkYwi1NRCmRxg1ZGMIlhQQnxwYGGRjCINJEL1gGDhkYwj_RhDvXRgdZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBu86I95Yx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&ri=a047a6528a6a261b86c6fc35ea632fb6&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&it=text&ii=~~V1~~8299596537596364017~~1YBzlrzJvvUGHYDNOz9G5Olz75CZgqUpDwxMYAADGoT6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKIEkboF226WcFt2DvAQWImZ-rmnfUtnp0135ZmcWb17Q70rNe8glriuRMmo64wRawVIADargjYHu2iV4jaefIm9zwBwbVzqx5qDQAj-sfT0DkH-oNqmIUQEhnVjGPZwuj1Y1turI9NGiq4DGPkrIur_5xFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=f257ca1ebe45627129cd939e5919dc1ef976cd912fc6&redir=https%3A%2F%2Ftrcclick.com%2Fclick.php%3Fkey%3Dbhm9j4wo07st8pwz1byy%26visitor_id%3DGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyCd2FworoSrpcrY9o2RAQ%26site_id%3D1524057%26site%3Dpalmate-bg3co%26site_domain%3Dbg3.co%26thumbnail%3Dthumbnail%26campaign_id%3D25892070%26campaign_item_id%3D3704563505%26visit_id%3DGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyCd2FworoSrpcrY9o2RAQ%26title%3DBraga%2B-%2BOs%2Belevadores%2Bde%2Bescada%2Bpodem%2Bser%2Bum%2Bsonho%2Brealizado%2Bpara%2Bos%2Bidosos%26utm_source%3DTaboola%26tbid%3D1234567%26tblci%3DGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyCd2FworoSrpcrY9o2RAQ%23tblciGiD5leTxUXHgodKW_P2C8Hl47aN4R9u238YwQ0NHBZgznyCd2FworoSrpcrY9o2RAQ&vi=1689782462172&p=dantasmlimited-stairlifts-sc&r=93&lti=cta_maxwidth_ctrl&ppb=COIB&cpb=EhMyMDIzMDcxNy0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNjA4gODr3wVAhNQMSMnUDFD069gDWP___________wFjCNcWENUfGCNkYwjhIBDDLBgHZGMI0gMQ4AYYCGRjCPf__________wEQ9___________ARgJZGMI1kgQgmAYCmRjCKQnEIo1GC9kYwjQNxCOUxgwZGMI9T8QglUYMmRjCNpEEPdaGBNkYwi1NRCmRxg1ZGMIlhQQnxwYGGRjCINJEL1gGDhkYwj_RhDvXRgdZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBu86I95Yx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 68

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 71

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 115

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 148

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689782464&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689782463938&bpp=54&bdt=1586&idt=636&shv=r20230718&mjsv=m202307130102&ptt=5&saldr=sa&correlator=4443049671226&frm=23&ife=1&pv=2&ga_vid=1322933517.1689782465&ga_sid=1689782465&ga_hid=43898125&ga_fc=0&ga_cid=amp--Px2W6jhe3xns1l7guWNZw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=601755571&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31075850%2C31075955%2C31076179%2C44788442%2C44796477&oid=2&pvsid=1001511130419173&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.neb4dglyuix&fsb=1&dtd=880 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 153

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689782464&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689782464077&bpp=23&bdt=1696&idt=544&shv=r20230718&mjsv=m202307170101&ptt=5&saldr=sa&correlator=4443049671226&frm=23&ife=1&pv=1&ga_vid=315362017.1689782465&ga_sid=1689782465&ga_hid=737940222&ga_fc=0&ga_cid=amp--Px2W6jhe3xns1l7guWNZw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2878&biw=1600&bih=1200&isw=336&ish=280&ifk=2313373274&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076244%2C44788442%2C44796826&oid=2&pvsid=945564327745355&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k8l6eofam6tm&btvi=1&fsb=1&dtd=786 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 206

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 207

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 254

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOZs3K4O8EKt6AKTeY_hYs&google_cver=1

Request Chain 255

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLgIx.mEDbQwcPtnizxnkgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOZs3K4O8EKt6AKTeY_hYs&google_cver=1&google_hm=2

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7VjfJqhNb0ZtGfzZiE6B4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7VjfJqhNb0ZtGfzZiE6B4%26google_cver%3D1

Request Chain 257

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxODQwMTY1MTYxMzQyNDIzMA%3D%3D

Request Chain 269

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 272

https://hal900010.redintelligence.net/request.php?zone=s07ki4g6kdhg&nw=20&renderingType=javascript&namespace=64be087530&subid=&uid=01ef37f4e610a07f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCW9u6xQi4ZJbwC4jpgAeLvbu4Bp7ZlqFp-amh-9sP8C4QASDo7JeUAWDt_N2FrBvIAQmpAiWFeYNq0bI-qAMByAObBKoEjAJP0LMRicRgIL9rm4XWIwvQB0pmAxDqnwNRChsrLUaE_Sb8KAw8HezDG5C2pChg_Dtzd1W2hql8wZfyidisy3AiiQPzjcn1iHjfw5V9AmcyS7t3r_MfTWS2D3UBgKv9aJprvdAKB15WiW9_XSgtmSl6PyG1fD3vPzBMvplA2J16QvXKSekTfT-RdXbc_i2gdzskjKCyoiWfwSnkwRb2SxOxL4F7vTkej3GFIugb22BVvltxAmD1R2EBWQd9uaTowPkgmr6tg5-ORSNEaVTOXHfOiytRk944u06v08slFrPnplMxhmBTZEs42TiwaoLjEBnpzeCBNS1TIUKGuKxFLkASMnNQtguH7IGd5qPGwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWXrGABhSCX7eFlQRk8SVg8VIaoqiQlUlgkRgyUEk_efDkBfOkGAE%26sig%3DAOD64_3X_HoYE1TwntUsY_veYmVIlzBbxg%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-Cdk1Nc3bihJ3OlZ0Lgeg48Dv7pcBYDg1T_KLPd0z9A6uplq5ObtpxgvijyGe5vYjkEeUZ-fr8hKFl60QJeDAK9KeqiC35NQ-E9VG1GeFBwq1-8nI5nMyD-EgdkkAmsr_5IzJ0a-r6GStcWmWPRJuRKJbHqb9MYcDJ6dVO7rmwMZ37BwBI%26cry%3D1%26dbm_d%3DAKAmf-ABgkCjE7AkfSQqgi10CJd-7uZJVdIRDTWDMp-n1ckkH413t7t6aiAnG-JQdgYafTp2GnUZNhdIMQCALx9Prx7r7DlxDvtPVCJgkofE9DAyK78Zi8WPvDUxWiAAGTzyU1rNGWMP9iBLAUJFa7XumAKvLOQy7wi9QCSfe_uRX5HrZ4Q9ICpM67A6PhY1Jan7Ge0HBgiXjLKA1haNoTtow-K38NWYgMThi9VKecn6ziL9FakYCBiOwAHA3i0x7d40WXj9V4oTirEsVBiUbDtF6NDlA42J_3vYXAIArCE-pJUVAyn6Jd6tOV_sJF8iVbk1Gq3QcGqcUsEJzacVYmA_xtFimb5m_P-LnBmhTOaAUj3m4UvA67B2GUdxnWBhIkMHYgpMylIpXfCO0_Mgx2pV_lVM8NzPUecfutdkWA4OC4305sapml8ap6dri0gfQYWGQd6PmbJDSq27STqzknsL0-OR5stFO9ipaxYoIJP4du95USHCzRIJX1hfi6RwWtRbdUJPbX1NRlJ7zvpZNUAfwdrjdgRPIODauV7ORWuGRhSON9H77m_K6LIcR8PEViMKNnTX6obwOdLdxP81QFaDVZ1btf7SSQ%26adurl%3D&documentReferer=https%3A%2F%2Fadx.holmesmind.com%2F&ancestorOrigins=https%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8469022945161&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900010.redintelligence.net/request.php?zone=s07ki4g6kdhg&nw=20&renderingType=javascript&namespace=64be087530&subid=&uid=01ef37f4e610a07f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCW9u6xQi4ZJbwC4jpgAeLvbu4Bp7ZlqFp-amh-9sP8C4QASDo7JeUAWDt_N2FrBvIAQmpAiWFeYNq0bI-qAMByAObBKoEjAJP0LMRicRgIL9rm4XWIwvQB0pmAxDqnwNRChsrLUaE_Sb8KAw8HezDG5C2pChg_Dtzd1W2hql8wZfyidisy3AiiQPzjcn1iHjfw5V9AmcyS7t3r_MfTWS2D3UBgKv9aJprvdAKB15WiW9_XSgtmSl6PyG1fD3vPzBMvplA2J16QvXKSekTfT-RdXbc_i2gdzskjKCyoiWfwSnkwRb2SxOxL4F7vTkej3GFIugb22BVvltxAmD1R2EBWQd9uaTowPkgmr6tg5-ORSNEaVTOXHfOiytRk944u06v08slFrPnplMxhmBTZEs42TiwaoLjEBnpzeCBNS1TIUKGuKxFLkASMnNQtguH7IGd5qPGwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWXrGABhSCX7eFlQRk8SVg8VIaoqiQlUlgkRgyUEk_efDkBfOkGAE%26sig%3DAOD64_3X_HoYE1TwntUsY_veYmVIlzBbxg%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-Cdk1Nc3bihJ3OlZ0Lgeg48Dv7pcBYDg1T_KLPd0z9A6uplq5ObtpxgvijyGe5vYjkEeUZ-fr8hKFl60QJeDAK9KeqiC35NQ-E9VG1GeFBwq1-8nI5nMyD-EgdkkAmsr_5IzJ0a-r6GStcWmWPRJuRKJbHqb9MYcDJ6dVO7rmwMZ37BwBI%26cry%3D1%26dbm_d%3DAKAmf-ABgkCjE7AkfSQqgi10CJd-7uZJVdIRDTWDMp-n1ckkH413t7t6aiAnG-JQdgYafTp2GnUZNhdIMQCALx9Prx7r7DlxDvtPVCJgkofE9DAyK78Zi8WPvDUxWiAAGTzyU1rNGWMP9iBLAUJFa7XumAKvLOQy7wi9QCSfe_uRX5HrZ4Q9ICpM67A6PhY1Jan7Ge0HBgiXjLKA1haNoTtow-K38NWYgMThi9VKecn6ziL9FakYCBiOwAHA3i0x7d40WXj9V4oTirEsVBiUbDtF6NDlA42J_3vYXAIArCE-pJUVAyn6Jd6tOV_sJF8iVbk1Gq3QcGqcUsEJzacVYmA_xtFimb5m_P-LnBmhTOaAUj3m4UvA67B2GUdxnWBhIkMHYgpMylIpXfCO0_Mgx2pV_lVM8NzPUecfutdkWA4OC4305sapml8ap6dri0gfQYWGQd6PmbJDSq27STqzknsL0-OR5stFO9ipaxYoIJP4du95USHCzRIJX1hfi6RwWtRbdUJPbX1NRlJ7zvpZNUAfwdrjdgRPIODauV7ORWuGRhSON9H77m_K6LIcR8PEViMKNnTX6obwOdLdxP81QFaDVZ1btf7SSQ%26adurl%3D&documentReferer=https%3A%2F%2Fadx.holmesmind.com%2F&ancestorOrigins=https%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8469022945161&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

295 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html Show response
www.bg3.co/a/ 61 KB
19 KB 1638ms
1087ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0dfb3a1cd1ae98125608a88b62fd25de595d1d216c3df750c746100b58f316e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 19 Jul 2023 16:01:00 GMT
etag: "f432-rEMf5J68FcJjH7XkTjr4O12/B4c"
expires: Wed, 19 Jul 2023 16:16:00 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 384ms
209ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 16:01:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72888
x-xss-protection: 0
server: sffe
etag: "03bc649404a9850f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Jul 2023 16:01:01 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 290ms
116ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

697a485d98d08e27bff197276460857929881b7ce97704e5ca58da9c244113b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 16:01:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9649
x-xss-protection: 0
server: sffe
etag: "f7b096b52a49f492"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Jul 2023 16:01:01 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
7 KB 272ms
143ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

1b771e6b9392f5a4e0d3ec1f63f18c0d7d93e798db9e1b7772ae64d665deafe5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 16:01:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7554
x-xss-protection: 0
server: sffe
etag: "50eb993f3be7bbdc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Jul 2023 16:01:01 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

239ms
65ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8091
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMUwbnAg6Oo3g3vRPZm%2Bd8pW6SH%2FAYJe0m6yZOOoB4VcIeG5%2BvR6dgz8VoNSwMf5a5BZoxU%2FA%2BqPbE7Ns0KrpKL%2BD3dVEWuFdF%2FwLP56Yak3enbu6esC7jBYgQ5OMYtJVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e942e43a84469dc-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 527ms
188ms Script
application/javascript 2.16.202.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-113.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Wed, 19 Jul 2023 16:01:01 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 10:03:07 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10988
expires: Wed, 19 Jul 2023 17:01:01 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 629 KB
134 KB 338ms
103ms Script
application/javascript 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 5962135eb2e88f4889b9bf417b0ecebfee05ca1ed67211649ccf9f65a3d34d12

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Wed, 19 Jul 2023 16:01:01 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:24:33 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=9, origin; dur=0, ak_p; desc="469384_34654796_4271825_880_1030_37_0_146";dur=1
x-cf-geodata: PT
content-length: 137160
expires: Wed, 19 Jul 2023 17:01:01 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 273 KB
45 KB 396ms
228ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c2a3650b9de1cd9cf945a29775f7f5f0d270904b6aa343ff992190ed68c00666

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UxHXMqYDhkdK1glTEcF8DW7zks4f9gKZ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:01 GMT
x-amz-request-id: E6AST5QY3CDC7H9H
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-envoy-upstream-service-time: 125
x-amz-replication-status: FAILED
content-length: 45770
x-amz-id-2: PavfRaqKhsfhEjORhmPJU4bfG8H3CQjslGvtbqpvyRj4OPa9+yU3xCRB0CWqREvMWttrI40Pxdc=
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 19 Jul 2023 16:01:01 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782461.306546,VS0,VE178
etag: "91f6898b6f0ba005d36437d9ee60e068d53ec0cd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 1
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1973ms
983ms Script
text/javascript 52.196.246.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.246.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-246-135.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 940d723a79126a47d747c9ade7b14dc973b21436c81f1f4069c6032cff9d7cf9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET 71440a77910953191382b5fa5995f92b.jpg
static.bg3.co/imgs/202105/ 0
0

GET 1f043f86396e0d680eba6a0858eb499d.jpg
static.bg3.co/imgs/202102/ 0
0

GET 3bdb32d7793e92de863373165637cab4.jpg
static.bg3.co/imgs/202105/ 0
0

GET d5c7743f4909d1ce1d2df7e9c8717c33.jpg
static.bg3.co/imgs/202105/ 0
0

GET 246610a89b3f1c0ca05451f1d5e20a23.jpg
static.bg3.co/imgs/202104/ 0
0

GET e2c59472918b190b377147acf3b305c5.jpg
static.bg3.co/imgs/202304/ 0
0

GET 12c82b62a54e2e51a51535bf00595a87.jpg
static.bg3.co/imgs/202107/ 0
0

GET 216b105154408ab9302b9662cc838635.jpg
static.bg3.co/imgs/202108/ 0
0

GET c9cb084f4c6da94c272ccc0650d46d5b.jpg
static.bg3.co/imgs/202105/ 0
0

GET f329f87cf9132ecaadf1f4402dec62f5.jpg
static.bg3.co/imgs/202110/ 0
0

GET 8eb3c34b995db0ef3d5fd13586effce3.jpg
static.bg3.co/imgs/202106/ 0
0

GET 10d43237619888e1867e4734d2a8287f.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 8 KB
3 KB 310ms
149ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:27 GMT
age: 81874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2966
x-xss-protection: 0
server: sffe
etag: "4e4cebbab06b5f09"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:27 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 82 KB
24 KB 233ms
80ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:27 GMT
age: 81874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23120
x-xss-protection: 0
server: sffe
etag: "97458ea624168dde"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:27 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
845 B 309ms
126ms Fetch
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b6254a4a16a3e6d4818042ae58d978e69b6bd8cd6a856b028c0eaec63a83b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 497
x-xss-protection: 0

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 12 KB
4 KB 302ms
155ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:27 GMT
age: 81874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3939
x-xss-protection: 0
server: sffe
etag: "21ee47434b69c418"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:27 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 368ms
148ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1689782462.cdn4-pxy042-mad02.ma1.evs,1689782462.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 impl.20230717-16-RELEASE.js Show response
cdn.taboola.com/libtrc/ 789 KB
164 KB 98ms
98ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f92d81070dbf9869e1dd41303ab810277ce0ee3df9b36f2232e66f618548fecc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: llf06QUFn9ETamLWGVdA_uSeflIT__f8
content-encoding: br
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:01 GMT
x-amz-request-id: M0ZRSBH3N3652M8J
age: 13858
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167167
x-amz-id-2: eU5nAS+Mmp6J6bnko0ToiRa25SzMDzAr8Upr7WdnKvwlc3dCsd/NUkMgqY0JTs0KVpd+YQY56yk=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:20 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782462.893971,VS0,VE0
etag: "b8b6d9afd4eed12f83f8f1d2aff8f6b6"
vary: Accept-Encoding
content-type: application/javascript
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 142

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
86 B 95ms
95ms Image
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=cta_maxwidth_ctrl
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490048-LIS
date: Wed, 19 Jul 2023 16:01:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1689782462.893963,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 295ms
161ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1689782462.cdn4-pxy042-mad02.ma1.evs,1689782462.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 40 KB
10 KB 120ms
118ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:28 GMT
age: 81874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10347
x-xss-protection: 0
server: sffe
etag: "59414361c8ed98c7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:28 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 264ms
91ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 247544
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 90 KB
22 KB 741ms
727ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=16%3A01%3A02.176&lti=cta_maxwidth_ctrl&data=%7B%22id%22%3A914%2C%22ii%22%3A%22%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1689761165229%2C%22vi%22%3A1689782462172%2C%22cv%22%3A%2220230717-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A12290%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html%22%2C%22vpi%22%3A%22%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2922%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2574%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22cta_maxwidth_ctrl%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a53a6535b3c2dfee2f658d857fc9f300cfbec47c664284f73993aec851f102d

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 663
date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 101623
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490048-LIS
server: nginx
x-timer: S1689782462.212450,VS0,VE663
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 215 KB
57 KB 82ms
81ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

9dcf8abf06f74792caf9b0eb75556568165e119a2273611136f0436d652cdc45

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:18:41 GMT
age: 81741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58154
x-xss-protection: 0
server: sffe
etag: "0ba4e671a8cd7fee"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:18:41 GMT

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/palmate-bg3co/log/3/ 0
244 B 374ms
84ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?lti=cta_maxwidth_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
617 B 71ms
70ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11505
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UclPeSoPN3ptZN3XxnSzLGBZAqVe6r%2FYOQonM0gkpRmq5MA2mhGP4PdVgSZ9K7pkZpNyca4RzkOyev88sTlCbx9G4wxspAY5KZW0bi8eyCInjvJH%2Fim4YXJxKEhfC7pFFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e942e45cb1969dc-MAD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 821ms
153ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 47f4cf7f236c8370d0dfcba6878553103d55fe04d85f8c5373e39cc54131c544

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 796ms
155ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 47f4cf7f236c8370d0dfcba6878553103d55fe04d85f8c5373e39cc54131c544

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 371 KB
101 KB 468ms
132ms Script
application/javascript 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: bca22b8906a0fcf316d42d0a0e41aa2291afce21ba6c8e41b7c5e6e6da0d480c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: br
last-modified: Fri, 02 Jun 2023 14:36:08 GMT
server: nginx/1.18.0
etag: W/"6479fe58-5cb64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="469384_34654796_4272610_794_1006_44_0_146";dur=1
content-length: 102722
expires: Thu, 18 Jul 2024 16:01:02 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
577 B 362ms
130ms Script
application/javascript 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="469384_34654796_4272612_629_990_44_0_146";dur=1
content-length: 211
expires: Thu, 18 Jul 2024 16:01:02 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 318ms
132ms Script
application/javascript 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=9, origin; dur=0, ak_p; desc="469384_34654796_4272611_896_998_44_0_146";dur=1
content-length: 18371
expires: Wed, 19 Jul 2023 17:01:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 421ms
231ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ee9a2ba825b6f1b0a3c24445ab2e03fc894c7c720039687fbc73b36dcbf32907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27913
x-xss-protection: 0
server: cafe
etag: 982 / 19557 / m202307120101 / config-hash: 9362120658740059525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:02 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 517ms
83ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODk3ODI0NjI1MDYsInBhY2tldElkIjoiMDAwMEE3MDEtMmMwZWQyMmUtZGU4Mi00NGFjLTliODctYjRhYWUzMTgxZGMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lpLXhpbi1uYW4tcWl1LXBpbmctZ3VvLWppbmctZ2FvLWlwaG9uZXlvbmctYmFuLWRhby10aS1jaGktamluLXFpLWNoZS1xaS15ZS1qaS10aS1qaWFuLWNoYW4uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiUFQifQ%3D%3D&c_b=3124.5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 517ms
85ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 668ms
242ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8120696811455064&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:03 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 664ms
242ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7983385385467925&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:03 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 495ms
127ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

ESF /

Resource Hash

e1a56d876538cdf66ae578f226857855caa19e371e0f4eb0cadee535206f5fe5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XroBs2MTSKudhxDXS0mwhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-XroBs2MTSKudhxDXS0mwhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 110 KB
31 KB 85ms
84ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:25 GMT
age: 81877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32104
x-xss-protection: 0
server: sffe
etag: "fc5a7023b69babf1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:25 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
479 B 427ms
130ms Fetch
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-24802988192338826907.ampproject.net/2307052224000/ 0
0 429ms
135ms Other
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-24802988192338826907.ampproject.net/2307052224000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 128ms
128ms Image
image/jpeg 2.16.202.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1689782462749
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-113.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Wed, 19 Jul 2023 16:01:02 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Wed, 19 Jul 2023 17:01:02 GMT

GET
H2 200 em-different-fonts.js Show response
cdn.taboola.com/ui-ab-tests/em-different-fonts/ 1 KB
856 B 69ms
69ms Script
application/x-javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b751c7ef24b8a91a3ed44c775ad011332e5b399eb0faa4a3da5b15fa99e70ef4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: biqfInvGHQo3PS.PYQr750tvV2E6MQVp
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: S9G6Z3N6E6362S7J
age: 22468
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 442
x-amz-id-2: +mpqjOarOGvBcph4ZTb69pXtNkkchfU6rRJoR4XTMUA+8pyVGxMILGEAyi40axTQ5GJUOjuyd/Q=
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 19 Jul 2023 09:46:33 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.211204,VS0,VE0
etag: "0806ac1d94e71882cf3f9d9346a84e34"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 73
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1869

GET
H2 200 em-different-fonts.css
cdn.taboola.com/ui-ab-tests/em-different-fonts/ 912 B
500 B 52ms
52ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5855c356545e0069676c38171001be0d0567d699fbd342f566a4728dffc8bd1f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: waJfQkXG5nyGxdKs2sfjXq_8q8cZd0cq
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: PK5XK84MSF56CGDD
age: 22470
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 209
x-amz-id-2: 1LezjepEFGB6LaL0PrGKAPi0RH7qZ4QlFeMvzM2R4azbxM9Lm2aRfLf2F4Gn+H8eVWC3oMdDyoc=
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 19 Jul 2023 09:46:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.236963,VS0,VE0
etag: "32ec53f4ffc183c1fe65e07a7b3eb353"
vary: Accept-Encoding
content-type: text/css
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1867

GET
H2 200 floating-unit.20230717-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 46ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230717-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6720a8b9dff0cfe88809cd4c04328b41305ea9de264b515764f486e2d1671666

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zXHgJ0H2no0FIzt_L5KYRRoHIfU2lXs6
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: B2Y5VJR9TB074T8F
age: 186431
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2474
x-amz-id-2: lbczwGecVZDtVqLcS3jSTp0y28aAPeA8+1SGdCltStF7XhNp7k/rRNK0SnCvUhwL9UisJJBuGTA=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:33 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.300353,VS0,VE0
etag: "3264442ec9720a30cda7f4020f1673b8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 0
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 405

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.1/ 124 KB
35 KB 54ms
48ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9ceebf892c9a6b44db2158869110bb36e2ea529b4630fac1003e0626996db10

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 e7a4ac068ceee8f5f56dae98493e3cc0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 111523
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 35310
x-served-by: cache-lis1490048-LIS
last-modified: Tue, 18 Jul 2023 09:01:40 GMT
server: AmazonS3
x-timer: S1689782463.311776,VS0,VE0
etag: "39118222999740332a2de1a48bf2f402"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: UkGKChaEHvpKM4J2rj2gU0ELD44aCoSkeevoxiEcwWZ5AuZhzXuOiA==
x-cache-hits: 1877

GET
H2 200 feed-card-placeholder.20230717-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 46ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230717-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9518f45748b88a1cff7606c6e823874b64a194c2bc543b2d7718154ec83d9d9d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZImA4sH0Ed7dtUWdev685qJJZXmWX51R
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: 5ABF79H8XMFTD31A
age: 186662
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1262
x-amz-id-2: x/54J6/A+Akj4hdm6F40qJL0bx/ZpepT6njNZHuDxZO9Aqyvd52yDhMmFkgXLNkJAr7QeSg2JVc=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:28 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.310153,VS0,VE0
etag: "11eb03fbfb095bebc3453c8bd25399d2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 79
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1701

GET
H2 200 userx.20230717-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 46ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230717-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 234216924c0da0aa0ef02f54554b1bd764d6fc87deceed8534867a95ef009a04

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eiSUJJw3dfLooTeqlZ1LBfX7OqbXE8Ma
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: 5AB5Y16ZHZJ2P1HA
age: 186662
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5398
x-amz-id-2: MRwP4Tb+h+aMVwsfthJUrMS4TV+C1eXWHsGGyNYbq/T8LdA32cLZ2zUbUoWgJAMv9RfKWBon/j0=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:53 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.338019,VS0,VE0
etag: "532c4cc2e38894d4a37a5c189b297d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 12
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 553

GET
H2 200 distance-from-article.20230717-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 52ms
52ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230717-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66ec8abef5b59107998b1be7d9008c51e08b56ea63cddbe16237ede2688cdd4f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _AnGGAFcPUTCxWvbAlUan.xzqUkcYxFR
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: VK01S2AZ2VXTVCJT
age: 186675
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1135
x-amz-id-2: VN+TIqiOEapqb+wBGZ3e4TvRnmI9eE15AAOY+wYd55AqzFYxADPdgHUI8XYwu1OV3hiyNC6YVzg=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:23 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.338897,VS0,VE0
etag: "1b4f9bc190155ad8893d63190ce799e2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 69
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2387

GET
H2 200 article-detection.20230717-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 55ms
54ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230717-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b462849d850e886e2eb136c0b482df55cb79a2879475ed21cf7e41a048608a31

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .xHNGPzYtRFf8nRnzqUqaBNdfV9cpld.
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: VK03CVSB0AHEB4QQ
age: 186675
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1271
x-amz-id-2: htQL6FSQxQnsFxsAhClkbchClcbN1PfFFN9E1RAExYhaFEoewG/jOlb/fp3QdvMQez24ZJE8cmY=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:16 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.339889,VS0,VE0
etag: "7a8b20159fb9bdd9009697599d99c35f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2382

GET
H2 200 explore-more.20230717-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 48ms
47ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230717-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2b03ba1d05fe5191f1720572c7f850e106cd3d2131493fe4a0e4b9309e0688d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dzAUCU94ghlkT9hyJgjCCpZsOAaadGC9
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: 5AB9N9PE6WSXSYEV
age: 186662
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 8778
x-amz-id-2: yZ+Bw8q9m4v8M3dFq/3AGs3LBjASO2iFDMdBWY2WNNR9xuO5UL9FwI6rBRbayhYb6ZadQhJsx04=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:26 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.379902,VS0,VE0
etag: "9936e31587e4d7bb0998571fd04c17cd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 14
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 986

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 463ms
177ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=cta_maxwidth_ctrl&ri=039127d460f7ddbd7ada1a75041ee515&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&pi=/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&wi=-6161959307566461054&pt=text&vi=1689782462172&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=16%3A01%3A03.277&id=6893&llvl=2&cv=20230717-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 469ms
184ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=cta_maxwidth_ctrl&ri=039127d460f7ddbd7ada1a75041ee515&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&pi=/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&wi=-6161959307566461054&pt=text&vi=1689782462172&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1689782463305%7D&tim=16%3A01%3A03.306&id=1426&llvl=2&cv=20230717-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 469ms
184ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=cta_maxwidth_ctrl&ri=039127d460f7ddbd7ada1a75041ee515&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&pi=/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&wi=-6161959307566461054&pt=text&vi=1689782462172&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A01%3A03.359&id=8125&llvl=2&cv=20230717-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 477ms
193ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A01%3A03.367&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=1566&cv=20230717-16-RELEASE&lt=cta_maxwidth_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86126

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 504ms
220ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A01%3A03.377&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6919&cv=20230717-16-RELEASE&lt=cta_maxwidth_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86126

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 505ms
221ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A01%3A03.383&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=3772&cv=20230717-16-RELEASE&lt=cta_maxwidth_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86126

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 219ms
218ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A01%3A03.385&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=45&cv=20230717-16-RELEASE&lt=cta_maxwidth_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86126

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 220ms
219ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A01%3A03.390&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5818&cv=20230717-16-RELEASE&lt=cta_maxwidth_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86126

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 45ms
45ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: 8R6Y8MF83F4SX453
age: 46
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: y2mfqW0zNaVKBEwFw8dY+fcbOjSB9dkUju7ClvLvpp+A82nlMU2QeiiPhh7eMjog9LKHLsuhxI8=
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782463.418544,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 86
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 23

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 66F1 714 B
776 B 72ms
72ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 11263
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7e942e4cba0669fc-MAD
content-encoding: br
content-type: text/html
date: Wed, 19 Jul 2023 16:01:03 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgGVgAW9ZF2Gigo1lb39V6V0BhUaEgO%2FquehbBGxQNTOtYPvmpC%2BYNoDqmAdB%2BGaUI3gVJ4P6p0HEVEUP9RPEvMGJr%2FwPB4CV3ZdCHrxoSO%2F7YX4mlhnzYPwyZ%2BeriJGRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 48E7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

402ms
120ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Jul 2023 16:01:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 19 Jul 2023 16:01:03 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 470ms
153ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 1B59 714 B
737 B 61ms
60ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 11263
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7e942e4cda3769fc-MAD
content-encoding: br
content-type: text/html
date: Wed, 19 Jul 2023 16:01:03 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfdOeKxLonMNBsKuQAiC694tQv%2BEJCVlS%2BPubbBjSCxXNp6GfWLYfWtd1K61j2AbLiAMzOhrrORPkLSZQFUHpH%2BqMIK1DbWCTZWgzR2AeGFP1Ym0yy7bfpVaWvAZmyVf0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C673
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

334ms
96ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Jul 2023 16:01:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 19 Jul 2023 16:01:03 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 555A 92 KB
32 KB 342ms
167ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8efc297e293c1b29c226460f48308b828561ad749671ab54f32b670dad6f4f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32707
x-xss-protection: 0
server: cafe
etag: 16305727929303619363
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:03 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0FC4 92 KB
32 KB 396ms
225ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4a0fd5c25fd71bedecd2a570f942316c1a99a2deceba75ae93e7f8fc34c537c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32757
x-xss-protection: 0
server: cafe
etag: 6171740023344176803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:03 GMT

POST
H2 204 bulk-metrics Show response
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 369ms
185ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?route=AM%3AIL%3AV&lti=cta_maxwidth_ctrl&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 60 KB
61 KB 114ms
81ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 2516388
edge-cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 312
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 61196
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200088-IAD, cache-lga21939-LGA, cache-iad-kcgs7200146-IAD, cache-lis1490048-LIS
last-modified: Tue, 06 Jun 2023 14:49:00 GMT
server: nginx
x-timer: S1689782464.556018,VS0,VE0
etag: "41f70f4e09383f37d26f3a047e8d7fbc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 873, 239

GET
H2 200 ea6c117a4cf8c10207272b398baf52b3.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
16 KB 113ms
80ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ea6c117a4cf8c10207272b398baf52b3.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f005cb5c191ad3eb25229e0221f5bee535f2e5335f586803f00266dbfe95477f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ea6c117a4cf8c10207272b398baf52b3.jpeg
age: 1040802
edge-cache-tag: 535006563838340289039168409924169313163,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535006563838340289039168409924169313163,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 91
req-referer: https://ruralea.com/
content-length: 16244
x-request-id: 462e2bb977c5e08bb8b64c63aead4193
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000049-IAD, cache-iad-kiad7000116-IAD, cache-sna10722-LGB, cache-iad-kcgs7200167-IAD, cache-lis1490048-LIS
last-modified: Fri, 07 Jul 2023 13:46:00 GMT
server: nginx
x-timer: S1689782464.555979,VS0,VE0
etag: "430cd0962b5cd60adcb312d8f9162d72"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 42, 20

GET
H2 200 430aa6e2f6d57167ad2a2af73d1a825d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
24 KB 73ms
46ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c72a836b84a634d453a61083ef8ab26c4558ba4b310fdb4df1e86ddef6b2fbd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
age: 1246904
edge-cache-tag: 504611621092814767118893195884591538402,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 504611621092814767118893195884591538402,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 365
req-referer: https://m.youm7.com/
content-length: 23664
x-request-id: 6c6f09a9581bc38de9e7d1dec4748dbf
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200173-IAD, cache-iad-kiad7000124-IAD, cache-lax10676-LGB, cache-iad-kiad7000052-IAD, cache-lis1490048-LIS
last-modified: Fri, 23 Jun 2023 14:40:16 GMT
server: nginx
x-timer: S1689782464.556023,VS0,VE0
etag: "1696859bac433022a178388e66c54bca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1585, 16

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
32 KB 56ms
55ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bea31d82a530e0029178c357c553cf13aba4df2fd7390900d27eb77975740d02

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 596531
edge-cache-tag: 535745196937353868742743497463140311808,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 304
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 32454
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200153-IAD, cache-iad-kiad7000096-IAD, cache-lga21978-LGA, cache-iad-kjyo7100068-IAD, cache-lis1490048-LIS
last-modified: Tue, 13 Jun 2023 05:17:28 GMT
server: nginx
x-timer: S1689782464.637430,VS0,VE1
etag: "296eefea6b232fbc4c2b1254283620d1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 122, 1

GET
H2 200 9067458821bd75560fe23f90aaac44c6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 49ms
48ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9067458821bd75560fe23f90aaac44c6.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6692d8a5a14b43ea79f4f2c831f0efacf19cdc9915516dc0a4d883457ce89cb4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9067458821bd75560fe23f90aaac44c6.jpeg
age: 3559198
edge-cache-tag: 551890399620475095705372564126400574950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551890399620475095705372564126400574950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 245
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://lols.pl/
content-length: 29070
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100047-IAD, cache-sna10727-LGB, cache-iad-kjyo7100126-IAD, cache-lis1490048-LIS
last-modified: Thu, 11 May 2023 17:18:15 GMT
server: nginx
x-timer: S1689782464.637673,VS0,VE0
etag: "a53f6d7809d0e19242af07577ede08e7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 332, 14

GET
H2 200 8abb57a8c411c5a1aed9eca508c5df36.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 53ms
53ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8abb57a8c411c5a1aed9eca508c5df36.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba09039ddead4e5786e8ac622b4429213a762d0ae478c53e593f1f5ded1b035

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8abb57a8c411c5a1aed9eca508c5df36.png
age: 1284181
edge-cache-tag: 596152738974232433136982050560916467521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 596152738974232433136982050560916467521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 94
req-referer: https://ensedeciencia.com/
content-length: 4732
x-request-id: 824a3ba19037d84d00a0f6b56ddaa3c6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000144-IAD, cache-iad-kjyo7100125-IAD, cache-chi-klot8100166-CHI, cache-iad-kiad7000049-IAD, cache-lis1490048-LIS
last-modified: Thu, 29 Jun 2023 02:46:12 GMT
server: nginx
x-timer: S1689782464.637660,VS0,VE0
etag: "fc570d41e90305da0c3e5dad42e384e3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 49, 7

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 69 KB
70 KB 60ms
58ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 2851354
edge-cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 399
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 70920
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kjyo7100036-IAD, cache-sna10723-LGB, cache-iad-kiad7000022-IAD, cache-lis1490048-LIS
last-modified: Tue, 06 Jun 2023 13:58:16 GMT
server: nginx
x-timer: S1689782464.697232,VS0,VE1
etag: "1c90d421946f35c8a49a65461da750a1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 797, 1

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 57ms
56ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3d3524cbd38b9e98fc312d3aa6db8ee6cc873ba13332dab5bf8fa68033f347a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 2756351
edge-cache-tag: 535745196937353868742743497463140311808,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 317
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://thethaiger.com/
content-length: 37620
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kjyo7100053-IAD, cache-sna10726-LGB, cache-iad-kcgs7200098-IAD, cache-lis1490048-LIS
last-modified: Tue, 13 Jun 2023 07:42:28 GMT
server: nginx
x-timer: S1689782464.697284,VS0,VE0
etag: "b5860d3e7bbdde82ca9f71209ea9bbd1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 128, 2

GET
H2 200 ea6c117a4cf8c10207272b398baf52b3.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 80ms
79ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ea6c117a4cf8c10207272b398baf52b3.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: beaeb78998c1dd59f4bd1c30f745b1af56a01cfa3b3db189e11d8a9570565aaa

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ea6c117a4cf8c10207272b398baf52b3.jpeg
age: 1040803
edge-cache-tag: 535006563838340289039168409924169313163,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535006563838340289039168409924169313163,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 210
req-referer: https://onlineseries.com.br/
content-length: 36696
x-request-id: 462e2bb977c5e08bb8b64c63aead4193
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000049-IAD, cache-iad-kiad7000116-IAD, cache-lax10635-LGB, cache-iad-kcgs7200077-IAD, cache-lis1490048-LIS
last-modified: Fri, 07 Jul 2023 13:46:00 GMT
server: nginx
x-timer: S1689782464.701496,VS0,VE1
etag: "430cd0962b5cd60adcb312d8f9162d72"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 11, 1

GET
H2 200 430aa6e2f6d57167ad2a2af73d1a825d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 62 KB
63 KB 73ms
73ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b99de2e4c121d06c1569852abd5e4bdaf0fcb229411b60ae9e672d0fbe0a7797

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 19 Jul 2023 16:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
age: 1247701
edge-cache-tag: 504611621092814767118893195884591538402,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 504611621092814767118893195884591538402,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 226
expiration: expiry-date="Mon, 24 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.youm7.com/
content-length: 63732
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100174-IAD, cache-iad-kcgs7200101-IAD, cache-sna10733-LGB, cache-iad-kiad7000083-IAD, cache-lis1490048-LIS
last-modified: Fri, 23 Jun 2023 14:40:16 GMT
server: nginx
x-timer: S1689782464.758573,VS0,VE1
etag: "9127762ec24aad9690ce58631b3863d3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 9, 15, 1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 326ms
86ms Script
application/javascript 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:01:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 66F1 80 KB
27 KB 143ms
142ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4aa9839f8981074ca540d313097d5b2ee4d78fd868a38db0f09743a62e74334a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27568
x-xss-protection: 0
server: cafe
etag: 365 / 19557 / 31076190 / config-hash: 9362120658740059525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:03 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 401ms
117ms Script
text/javascript 2.16.110.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.110.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-110-91.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 853ms
300ms Script
text/plain 99.84.9.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4OTc4MjQ2Ml8xX2UzMTM3ODlmYzM3YQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.9.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-9-128.lhr62.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 16:01:04 GMT
Via: 1.1 55cf94331c5a848a09407c283669c546.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: LHR62-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: XDefO0PzHasQdtjIn0OnydyZAv0qRG7Ef2v8Tqv1BrXyFdZfRR6bqg==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/ 391 KB
125 KB 118ms
118ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5245
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 11165969021637306507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 14:33:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1B59 80 KB
27 KB 237ms
236ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

16a1065364573f82a8ad5603507b626c3873cacd744a86af58a7536135fdee92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27612
x-xss-protection: 0
server: cafe
etag: 475 / 19557 / 31076216 / config-hash: 9362120658740059525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:03 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 2 KB
812 B 86ms
85ms Fetch
application/json 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:28 GMT
age: 81875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "464f04a848bfb8ed"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:28 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 292ms
74ms Fetch
application/json 172.64.136.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.136.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21976
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Jul 2023 09:54:47 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ntn3Dc%2BKunc8r9p8P%2F1prHJd4ytagy0eU6mtg6dOElMoIDxhlCl8v8JkTvw6JXjy6BGuCXNNgkStGTr2nkenSnQr%2BODlfSXU3EKhdEN%2BjRNOMEkKUK4wb8yG5Hran4r8JvfN7JEbDn2wpIIrSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7e942e4f984f6666-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 3 KB
956 B 82ms
82ms Fetch
application/json 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:45 GMT
age: 81858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "d6efea8de711c3e2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:45 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 191ms
190ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A01%3A03.710&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4563&cv=20230717-16-RELEASE&lt=cta_maxwidth_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 86126

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 165ms
164ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=cta_maxwidth_ctrl&ri=039127d460f7ddbd7ada1a75041ee515&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&pi=/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&wi=-6161959307566461054&pt=text&vi=1689782462172&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22305%22%2C%22eventTime%22%3A1689782463736%7D&tim=16%3A01%3A03.736&id=7133&llvl=2&cv=20230717-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 314ms
98ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 16:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 15:39:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 16:01:03 GMT

GET
H2 200 spa-detector.20230717-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 73ms
72ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230717-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5095982c74e1e03bb8a67d116fcf087a93eb29db64f267af5df517e85e81665e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oc_SeLXNx_tzfweaVXAj0XcNia6r3vUb
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: YA23349N2GGXGVCS
age: 186641
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 811
x-amz-id-2: Ocbozu+5vvggXj6SuMpg5Dh86mTWjFwnbFTo/H/jtB7dYcFLjvwL5ZkCvNMtQfab/ycIVeRGK24=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:42 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782464.766831,VS0,VE0
etag: "2888289d184d80a05ac2a3206f910039"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 12
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1041

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 160ms
97ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=cta_maxwidth_ctrl&ri=039127d460f7ddbd7ada1a75041ee515&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&pi=/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&wi=-6161959307566461054&pt=text&vi=1689782462172&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A01%3A03.738&id=6210&llvl=2&cv=20230717-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 160ms
98ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=cta_maxwidth_ctrl&ri=039127d460f7ddbd7ada1a75041ee515&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&pi=/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&wi=-6161959307566461054&pt=text&vi=1689782462172&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1689782463739%7D&tim=16%3A01%3A03.739&id=1526&llvl=2&cv=20230717-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 161ms
99ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=cta_maxwidth_ctrl&ri=039127d460f7ddbd7ada1a75041ee515&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&pi=/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&wi=-6161959307566461054&pt=text&vi=1689782462172&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A01%3A03.742&id=5336&llvl=2&cv=20230717-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 161ms
100ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=cta_maxwidth_ctrl&ri=039127d460f7ddbd7ada1a75041ee515&sd=v2_3ce436da433c7b63ce35957be5f24b8d_b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e_1689782462_1689782462_CNawjgYQ2YJdGNzNiPeWMSABKAEwswE4hNQMQMnUDEj069gDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&pi=/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&wi=-6161959307566461054&pt=text&vi=1689782462172&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1689782463745%7D&tim=16%3A01%3A03.745&id=4414&llvl=2&cv=20230717-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 next-up-widget.20230717-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 69ms
13ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230717-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d6bb06ce3e45c28c4426af478044d83e437468d495c8899e8e0111feac780d4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rJUUFuSOkkWthyDZE7Yj6NZgQomu1_6.
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:03 GMT
x-amz-request-id: PT398CYJV4YAD6S7
age: 186429
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4624
x-amz-id-2: e/GbazN1Skq7fgzStwFHsGqYuy7vqM/gpFNC1QTM50aojoVyIVYeILlKSDIyIPOQdN8ce6TPphM=
x-served-by: cache-lis1490048-LIS
last-modified: Mon, 17 Jul 2023 11:06:36 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689782464.802067,VS0,VE0
etag: "4b1ec28c92da9dfa7c8722f75a9515ca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 95
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 436

POST
H2 204 bulk-metrics Show response
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 146ms
130ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?route=AM%3AIL%3AV&lti=cta_maxwidth_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 281ms
99ms Fetch
application/json 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk-metrics Show response
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
243 B 136ms
135ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?route=AM%3AIL%3AV&lti=cta_maxwidth_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.bg3.co
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/ Frame 66F1 390 KB
124 KB 96ms
91ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5584db8771fd9d24aeb0c3887b9c6922a72c73e6af5382d594003e3cf1315bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 15:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1376
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127219
x-xss-protection: 0
server: cafe
etag: 4991179400440994909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 15:38:07 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/ Frame 555A 360 KB
123 KB 189ms
189ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9d73ce920bd66cb47f6ecef66da58545b488315f7d58a66af5db94d97976cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126186
x-xss-protection: 0
server: cafe
etag: 17699636716186270662
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:04 GMT

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 48ms
48ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf90fafe87467629de54d30ad2a7aa91d751f4aa2e734d20c0f4d5211455fcba

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 19 Jul 2023 16:01:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 1391544
edge-cache-tag: 628131638865840138074933382416259481994,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 195
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.jnportugal.com/
content-length: 6196
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kiad7000029-IAD, cache-sna10730-LGB, cache-iad-kiad7000025-IAD, cache-lis1490048-LIS
last-modified: Tue, 06 Jun 2023 15:55:33 GMT
server: nginx
x-timer: S1689782464.014507,VS0,VE0
etag: "4dacb31c72359ff4d305c3c8787a1e5c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 318, 2

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
4 KB 46ms
46ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 63a967b93b2109c0f1dcca44b33372c903a5c9e89078c77dbe63201f2e25f064

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 19 Jul 2023 16:01:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 3334422
edge-cache-tag: 535745196937353868742743497463140311808,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 73
expiration: expiry-date="Fri, 23 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 3788
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100156-IAD, cache-chi-kigq8000133-CHI, cache-iad-kcgs7200114-IAD, cache-lis1490048-LIS
last-modified: Tue, 23 May 2023 15:40:19 GMT
server: nginx
x-timer: S1689782464.020973,VS0,VE0
etag: "1e52eb849b3765c2e339ae6e98923ab1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 259, 2

GET
H2 200 ea6c117a4cf8c10207272b398baf52b3.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 48ms
48ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ea6c117a4cf8c10207272b398baf52b3.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca87c1a6f4b1ace45c0aac7ceb72ad2e285c049ad2b199b318a40fc12989e992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 19 Jul 2023 16:01:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ea6c117a4cf8c10207272b398baf52b3.jpeg
age: 1029367
edge-cache-tag: 535006563838340289039168409924169313163,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535006563838340289039168409924169313163,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 187
req-referer: http://www.chimbotenlinea.com/
content-length: 6308
x-request-id: be1a46898e42d6f143b736d8acc5db3b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100175-IAD, cache-iad-kjyo7100073-IAD, cache-lax10644-LGB, cache-iad-kjyo7100144-IAD, cache-lis1490048-LIS
last-modified: Fri, 07 Jul 2023 13:46:00 GMT
server: nginx
x-timer: S1689782464.021118,VS0,VE1
etag: "5d4682c902ee11764d063a2a95b403da"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 6, 1

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ Frame 1B59 391 KB
125 KB 123ms
121ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076216

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4969
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 10618836103773446959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 14:38:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/ Frame 0FC4 359 KB
123 KB 179ms
179ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a41774bf268539b9165810616fd75ddb0d2fa06b8c682c59e21492261716de8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126095
x-xss-protection: 0
server: cafe
etag: 13778778494221562980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:04 GMT

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 1536 495 B
665 B 1151ms
294ms Document
text/html 54.178.5.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.5.175 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-5-175.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Wed, 19 Jul 2023 16:01:05 GMT
etag: "64b77ff9-1ef"
last-modified: Wed, 19 Jul 2023 06:17:29 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3365
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

140ms
98ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Jul 2023 16:01:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 19 Jul 2023 16:01:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C673 34 KB
10 KB 110ms
109ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2b379b0e54fc668b3f7d81915000ec5eb2986a9e20f4ea08d2d223c570dd9ae0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 23:30:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26979
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 23:30:43 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 50ED 422 B
383 B 88ms
86ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=undefined&cb=1689782464241&uv=139332442&tms=1689782464241&abt=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vD!ul139332-442_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bc68c444-e685-48f7-9707-167fbd16b84b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d6ec1b666dcaf152bf6be9b9ecd449147fefc2416bfca8fbd3e4167974b4efd4

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 19 Jul 2023 16:01:04 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490048-LIS
x-timer: S1689782464.272766,VS0,VE41

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 156ms
84ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=31589837&cb=1689782464240&uv=139332442&tms=1689782464240&abt=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vD!ul139332-442_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1689782459383!ts:1689782464240&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 48E7 34 KB
10 KB 121ms
121ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2b379b0e54fc668b3f7d81915000ec5eb2986a9e20f4ea08d2d223c570dd9ae0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 23:30:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26979
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 23:30:43 GMT

GET
H2 200 sync Show response
am-match.taboola.com/ Frame AC35 577 B
662 B 124ms
84ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 7e16ab72c55ab607a4c9333739d57e950fa60ccaa290d4272dd882b0e3ba2496

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 19 Jul 2023 16:01:04 GMT
machineid: 3407
server: nginx

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 271ms
78ms Script
application/javascript 18.244.140.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.140.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-140-4.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 15:07:48 GMT
via: 1.1 2e78e1b185135b5f6c2e98b348bcc8de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
age: 3197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: xcqUOAb3ohDFqtYftQgFnr889gsS4hYqt9dFzYXNO96xUyrMvqxOJA==

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
728 B 152ms
128ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689782464321&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1534&pt=-1071377459&tz=0&viewable=true&ddast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vD!ul139332-442_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b8181c086e95295406dfbef5c3ea6b5fdcbd28b3afca5255002e00504f082ee

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1477
x-cache: MISS
x-served-by: cache-lis1490048-LIS
pragma: no-cache
server: nginx
x-timer: S1689782464.366580,VS0,VE83
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 94ms
94ms Script
application/javascript 2.16.110.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.110.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-110-91.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Wed, 19 Jul 2023 16:01:04 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
158 B 264ms
91ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E4%B8%80%E2%80%9C%E8%8A%AF%E2%80%9D%E9%9B%A3%E6%B1%82%20%E8%98%8B%E6%9E%9C%E8%AD%A6%E5%91%8A%EF%BC%9AiPhone%E7%94%A8%E5%8D%8A%E5%B0%8E%E9%AB%94%E5%90%83%E7%B7%8A%20%E6%B1%BD%E8%BB%8A%E4%BC%81%E6%A5%AD%E9%9B%86%E9%AB%94%E6%B8%9B%E7%94%A2%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp--Px2W6jhe3xns1l7guWNZw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.9064317706469522&gjid=0.0017693065936565944&_r=1&a=5857&z=0.11462985962868011&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 178ms
90ms Ping
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5857&cid=amp--Px2W6jhe3xns1l7guWNZw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&dr=&dt=%E4%B8%80%E2%80%9C%E8%8A%AF%E2%80%9D%E9%9B%A3%E6%B1%82%20%E8%98%8B%E6%9E%9C%E8%AD%A6%E5%91%8A%EF%BC%9AiPhone%E7%94%A8%E5%8D%8A%E5%B0%8E%E9%AB%94%E5%90%83%E7%B7%8A%20%E6%B1%BD%E8%BB%8A%E4%BC%81%E6%A5%AD%E9%9B%86%E9%AB%94%E6%B8%9B%E7%94%A2%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1689782464&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 50ED 70 B
264 B 391ms
125ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=undefined&cb=1689782464241&uv=139332442&tms=1689782464241&abt=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vD!ul139332-442_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bc68c444-e685-48f7-9707-167fbd16b84b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 50ED 43 B
426 B 287ms
94ms Image
image/gif 54.76.240.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=undefined&cb=1689782464241&uv=139332442&tms=1689782464241&abt=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vD!ul139332-442_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bc68c444-e685-48f7-9707-167fbd16b84b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.240.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-240-16.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 50ED 43 B
146 B 300ms
86ms Image
image/gif 18.156.56.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=undefined&cb=1689782464241&uv=139332442&tms=1689782464241&abt=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vD!ul139332-442_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=bc68c444-e685-48f7-9707-167fbd16b84b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.56.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-56-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 259ms
82ms Ping
text/plain 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp--Px2W6jhe3xns1l7guWNZw&aip=1&sid=1689782464&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame AC35 70 B
265 B 366ms
110ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e
pr-bh.ybp.yahoo.com/sync/taboola/ Frame AC35 43 B
425 B 281ms
99ms Image
image/gif 54.76.240.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.240.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-240-16.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3365 34 KB
10 KB 112ms
111ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2b379b0e54fc668b3f7d81915000ec5eb2986a9e20f4ea08d2d223c570dd9ae0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 23:30:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26979
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 23:30:43 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/139332_442/infra/ 889 KB
148 KB 146ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/139332_442/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c8f1724bd314bb1545a4155a2a52edcf6bedd5717cf18fde816f9979e8fc8abb

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689767796
date: Wed, 19 Jul 2023 16:01:04 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: XZ4S8XGTT6P0RD4D
age: 14527
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689767797
x-amz-meta-mode: 33188
content-length: 150884
x-amz-id-2: GwfVwCUAdKzP3JmLBMvt5Ceeus3QQlGBbdOIRqhHHmEboZLgKLCw4Z9hhO11dR7fENdXUaQh/dI=
x-served-by: cache-lis1490054-LIS
last-modified: Wed, 19 Jul 2023 11:56:38 GMT
server: AmazonS3-br
x-timer: S1689782465.665801,VS0,VE0
etag: "e4e90f4aac9df96ba121298cb7221ead"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 96

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/139332_442/assets/css/ 60 KB
8 KB 46ms
46ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/139332_442/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689767815
date: Wed, 19 Jul 2023 16:01:04 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: XZ4KEAAD6MFTX6N8
age: 14527
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689767815
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: BIUjaoR1t3eQZ7ldSyuZK40XiQZ70qFS4F5PHHyIFcbiir7b82pplCI/62yyG7GU/m5Y6YJSYPM=
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 19 Jul 2023 11:56:57 GMT
server: AmazonS3-br
x-timer: S1689782465.566118,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 508

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
285 B 223ms
223ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=cta_maxwidth_ctrl&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 124
date: Wed, 19 Jul 2023 16:01:04 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 99089
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490048-LIS
pragma: no-cache
server: nginx
x-timer: S1689782465.623851,VS0,VE124
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C673 284 B
536 B 404ms
111ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 48E7 284 B
536 B 334ms
81ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1925 281 B
554 B 92ms
91ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Jul 2023 16:01:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 66F1 492 B
264 B 119ms
119ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1341185407903916&correlator=1817325979787650&eid=31076190&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1689782464746&lmt=1644386353&dlt=1689782463547&idt=887&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=lujkcvsdjezc&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=123823146.1689782465&ga_sid=1689782465&ga_hid=1580218813&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cef6b560c2fb527308070ac08f2a617db883ce90b948d45f0552fac3eaea23b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 66F1 15 KB
12 KB 145ms
143ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6a97285f998373434582c47f5ee057d9bbb7dafcaa741b2d4d4b91a6caa3f498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11746
x-xss-protection: 0

GET
H2 200 container.html Show response
55e02c381a10dba6b2cdc4dc067dd5ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0AD4 6 KB
3 KB 355ms
128ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://55e02c381a10dba6b2cdc4dc067dd5ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
expires: Thu, 18 Jul 2024 16:01:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 508ms
160ms Fetch
application/json 3.233.144.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-144-250.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EveWkteGluLW5hbi1xaXUtcGluZy1ndW8tamluZy1nYW8taXBob25leW9uZy1iYW4tZGFvLXRpLWNoaS1qaW4tcWktY2hlLXFpLXllLWppLXRpLWppYW4tY2hhbi5odG1s.json Show response
cdn.adpushup.com/42753/ 555 B
870 B 455ms
454ms XHR
text/html 2.16.202.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EveWkteGluLW5hbi1xaXUtcGluZy1ndW8tamluZy1nYW8taXBob25leW9uZy1iYW4tZGFvLXRpLWNoaS1qaW4tcWktY2hlLXFpLXllLWppLXRpLWppYW4tY2hhbi5odG1s.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-84.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Wed, 19 Jul 2023 16:01:05 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=365, ak_p; desc="469384_34654796_4273764_37238_1023_37_0_219";dur=1
content-length: 555
expires: Wed, 19 Jul 2023 17:01:05 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
700 B 45ms
45ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 19 Jul 2023 16:01:04 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 13095
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1689782465.807682,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2502

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 422ms
276ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H5QE4C8QWYVXDT6R9SQYEQH5
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Wed, 19 Jul 2023 16:01:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 555A 379 B
601 B 315ms
125ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

eb38d031b47f52c6c5aaa712162a81302848b23e5d6389dcc55b7e54e8dbe600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 555A 107 B
196 B 101ms
96ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 3043
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168978...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
862 B

1152ms
935ms

Document
text/html

99.86.91.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-52.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-length: 459
content-type: text/html
date: Wed, 19 Jul 2023 16:01:07 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6fb11804c1310b9bb47e7088f05a3d58.cloudfront.net (CloudFront)
x-amz-cf-id: NzQ-j2-MigTWCu-5HszrS8XeILxYkd6DjLW1jp1ncbMbKwR6K9e9tA==
x-amz-cf-pop: CDG50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 555A 15 KB
11 KB 149ms
149ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230718&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d4e731f5d6d507fbb5e3180e52639c0c2c0e4383add81f0e783412cec93d3ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11663
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3365 284 B
536 B 181ms
83ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0FC4 379 B
317 B 267ms
127ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

88c612d8c3d7bb0c50f1d5e4df587468432c27ddc8444fd25bce4aea1d47ed58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0FC4 107 B
165 B 126ms
126ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame DC8F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168978...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
867 B

1177ms
934ms

Document
text/html

99.86.91.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076244
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-52.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-length: 459
content-type: text/html
date: Wed, 19 Jul 2023 16:01:07 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6fb11804c1310b9bb47e7088f05a3d58.cloudfront.net (CloudFront)
x-amz-cf-id: SS8N85kvR2EohN2w_vir_U_5m8qw6tlBdT0YKo9TaCaA2-hSt0QqpA==
x-amz-cf-pop: CDG50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: RefreshHit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0FC4 15 KB
12 KB 129ms
129ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230718&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

69e7ef7bf21b8978549bee2ca99e1f20f97141eba85928ba813a329af10883a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11737
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1B59 492 B
266 B 120ms
120ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2089841513070336&correlator=3114179594705205&eid=31076216&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1689782464883&lmt=1644386353&dlt=1689782463638&idt=1061&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=q55ho9d3rafo&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1015331823.1689782465&ga_sid=1689782465&ga_hid=1946931724&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076216

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

30175c6c1f76870c3e343151c0d5835f5be4b5ded974e9e10877f727b8ba880d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1B59 15 KB
12 KB 134ms
133ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f048254b75126d392108582e99fa0999a18d58cbaf2cd0109805422b389c7b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11721
x-xss-protection: 0

GET
H2 200 container.html Show response
c530924f8cfb7cf1da69d007a66b5bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 880B 6 KB
3 KB 312ms
87ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c530924f8cfb7cf1da69d007a66b5bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
expires: Thu, 18 Jul 2024 16:01:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=695856683;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html;uh=e51ed67dfb8d91dc24b15...
pixel.quantserve.com/ 35 B
371 B 107ms
96ms Image
image/gif 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=695856683;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-36126550-1689782464304;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1689782464906;tzo=0;ogl=;ses=f153b588-74b6-4b48-9575-ba3bd843b87f;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1925 34 KB
10 KB 104ms
104ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2b379b0e54fc668b3f7d81915000ec5eb2986a9e20f4ea08d2d223c570dd9ae0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 23:30:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26979
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 23:30:43 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 66F1 17 KB
7 KB 330ms
131ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 16:01:05 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 555A 17 KB
6 KB 239ms
159ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 16:01:05 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0FC4 17 KB
6 KB 244ms
169ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 16:01:05 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 47ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/139332_442/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 621988
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1689782465.239877,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 58407

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 95F6 422 B
507 B 85ms
84ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/139332_442/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: d6ec1b666dcaf152bf6be9b9ecd449147fefc2416bfca8fbd3e4167974b4efd4

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 19 Jul 2023 16:01:05 GMT
machineid: 3407
server: nginx

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 48E7 0
239 B 360ms
88ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B59 17 KB
6 KB 123ms
122ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 16:01:05 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1925 284 B
536 B 87ms
86ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 101ms
52ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 19 Jul 2023 16:01:05 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 216625
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490048-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1689782465.376157,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 61113

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.4/ 445 KB
84 KB 59ms
58ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.4/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/139332_442/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4ae2a06a20497b4f5d370f5f9953a35ae67c35e24d4723d7d156b90ce5769da7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689690128
date: Wed, 19 Jul 2023 16:01:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: D7W9WV70QDQ3N4MS
age: 92290
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689690141
x-amz-meta-mode: 33188
content-length: 85125
x-amz-id-2: /hVKtt6WU8bRpRE36JXpG46F5JQ520Wk+hA5KHxEY0GDd5d9c2P9vQBKHhegYeazExaHTfLOHno=
x-served-by: cache-lis1490048-LIS
last-modified: Tue, 18 Jul 2023 14:22:22 GMT
server: AmazonS3-br
x-timer: S1689782465.380126,VS0,VE0
etag: "ce3de182e42934ed6e31ae12ca4d690b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 7918

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 88ms
87ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=31579697&cb=1689782465365&uv=139332442&tms=1689782465365&su=3&abt=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vG!ul139332-442_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
content-length: 0
server: nginx

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F72E 603 B
109 B 488ms
487ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1496485448990089475&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2822&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=26317005857&ga_cid=amp--Px2W6jhe3xns1l7guWNZw&ga_hid=5857&dt=1689782464270&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&bdt=3243&dtd=39&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 46ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 16:01:05 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 1599
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1689782465.409281,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 27
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2984

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 113ms
113ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

10a9e672670b5e8aade1c6d96f3b1797e77252554e9eb9c69b1ff0f95d4d980a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jul 2023 16:01:05 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 206ms
206ms Fetch
application/json 3.233.144.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-144-250.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 3365 0
239 B 951ms
216ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 95F6 70 B
264 B 129ms
127ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 95F6 43 B
425 B 101ms
100ms Image
image/gif 54.76.240.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.240.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-240-16.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 95F6 43 B
145 B 97ms
96ms Image
image/gif 18.156.56.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.56.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-56-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 1536 0
268 B 332ms
320ms Script
text/plain 54.178.5.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.5.175 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-5-175.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 19 Jul 2023 16:01:05 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B26 13 KB
5 KB 84ms
82ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 15:53:41 GMT
expires: Thu, 18 Jul 2024 15:53:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C8C4 783 B
744 B 298ms
97ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

6a221a12ef507637709c73f21371ba1fe99e9c4f4e6847a694b05369bbba05f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LVD3eAkPKpMO7BPF8YRwlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-LVD3eAkPKpMO7BPF8YRwlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
expires: Wed, 19 Jul 2023 16:01:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8DB 13 KB
5 KB 110ms
80ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 15:53:41 GMT
expires: Thu, 18 Jul 2024 15:53:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F244 783 B
1 KB 234ms
94ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

24f689ac875399206e6ba940a48263c237849d3e2b881e6aa64741a23719d57f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bqKh4KspBahHyAZp3-it0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-bqKh4KspBahHyAZp3-it0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
expires: Wed, 19 Jul 2023 16:01:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 04D2 13 KB
5 KB 95ms
80ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 15:53:41 GMT
expires: Thu, 18 Jul 2024 15:53:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E1FD 783 B
739 B 212ms
98ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

2164f8d242b2ffe4538a70bf6679aa6fe96e7425bf78e7929efa35123772ef34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sdbDrgP-arZUYu3JTcRaQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-sdbDrgP-arZUYu3JTcRaQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
expires: Wed, 19 Jul 2023 16:01:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE01 13 KB
5 KB 91ms
81ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 15:53:41 GMT
expires: Thu, 18 Jul 2024 15:53:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 778E 783 B
735 B 187ms
99ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

5fc11602bc8c4cab5fccf0f92a98169ebe32c5aadef9a8ac84346038c2b30c59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IvtIYxIlTH1z1Qh0orf0lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-IvtIYxIlTH1z1Qh0orf0lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:05 GMT
expires: Wed, 19 Jul 2023 16:01:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 54ms
46ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490054-LIS
date: Wed, 19 Jul 2023 16:01:05 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 205ms
72ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37h0&_p=5857&cid=307186879.1689782466&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689782465&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&dt=%E4%B8%80%E2%80%9C%E8%8A%AF%E2%80%9D%E9%9B%A3%E6%B1%82%20%E8%98%8B%E6%9E%9C%E8%AD%A6%E5%91%8A%EF%BC%9AiPhone%E7%94%A8%E5%8D%8A%E5%B0%8E%E9%AB%94%E5%90%83%E7%B7%8A%20%E6%B1%BD%E8%BB%8A%E4%BC%81%E6%A5%AD%E9%9B%86%E9%AB%94%E6%B8%9B%E7%94%A2%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 1503ms
144ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=b2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 Jul 2023 16:01:07 GMT
cache-control: no-store
server: nginx

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B26 37 KB
14 KB 85ms
85ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame D8DB 37 KB
14 KB 96ms
95ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 04D2 37 KB
14 KB 92ms
92ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame FE01 37 KB
14 KB 92ms
91ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F244 0
0 118ms
117ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230718&jk=1001511130419173&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C8C4 0
0 119ms
119ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307130101&jk=1341185407903916&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E1FD 0
0 123ms
120ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230718&jk=945564327745355&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 778E 0
0 122ms
121ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307110101&jk=2089841513070336&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8B26 0
10 B 80ms
80ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TmLVpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame DC8F 31 KB
10 KB 204ms
67ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 20:42:01 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 69545
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Wed, 19 Jul 2023 20:42:01 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 3043 31 KB
10 KB 206ms
76ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 20:42:01 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 69545
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Wed, 19 Jul 2023 20:42:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 04D2 0
10 B 85ms
84ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J1Mfxw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE01 0
10 B 80ms
80ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?12oi-A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D8DB 0
10 B 86ms
86ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dF-sgw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
784 B 135ms
133ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689782466973&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1534&pt=-1816246199&tz=0&viewable=true&ddast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vG!ul139332-442_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 19 Jul 2023 16:01:07 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1461
x-cache: MISS
x-served-by: cache-lis1490048-LIS
pragma: no-cache
server: nginx
x-timer: S1689782467.005933,VS0,VE73
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame DC8F
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

69ms
66ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo1Vchyw0mHlihvlVp%2FeSyRtvOBifdAKEn30xKz3FSUMGQOHmdJnF%2BQyUw57okKvfCtCVeY0ZIAiZSHZW6wNkw1IE5dsj%2Bo5YPScfwPwl9OZGFkpXsfyvtvP64MobOUZyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e942e672c9269fc-MAD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 3043
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

142ms
141ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX0X4n0DW4gKAy4hbRK861YTtUVc%2B2HaaDW%2BQhzU%2Bw%2Bgqyr94dOuPUfEk71RiWwkqGOlqiLTdFc8uvNnUSfC5am5TpJ6mgfu3gcys6s6bxfLL6d7mVdLugIhpAWqa0mv3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e942e675cd669fc-MAD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66F1 0
0 124ms
123ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307130101&jk=1341185407903916&bg=!VFelVwPNAAa3SiIRl0o7ADkAdvg8Wi5pPaQcWoFIwp8zZK_KwNV9D0JX-drBsW79LTwYoVFahXgr13I1A_z4W_g1LNUeb4fuYMECAAADjVIAAAAUaAEHCgBB8SuWaEmmd_MKNwWrPciRrxnRTLCA8MgGaAt3IFyPmH7l6pqfUzp0Q7Buv9RgKGvyMRJN8ToYCXUX3UZYKgepFPGZArq4P7d8kP_VeQ8Q7q7TPYbt2iiaRMTXhlsMxXhAB-kbSeTaAKuNxV6hXqaz-u7PXs_kN23SU0iTuJpW-LDA6Cbv8Jidhe_5mjvywdHYPqPINkEA7IvzwQCjf35aa6Be5aqC5C-o9wrZ9VDjan1Hi21l06yJfIksW2u9lehrBfKPVV3-0oqH7t1rnPCQ4ZJ1kGm-0tqMXl5fJNOHSbP-JwdGW38aGYMpntLrEdhx53vlrltFjXtvdA-A8FIzlMX_06SRpePi1wXQj94Y1uYw-tgdz8uJHsoy87EjPISf-WrIFuQQyb8kQhpYlzxVocit1JPBg6Nzk6XIF7QwiwNrrrKktzNclI4Bj9fHTfmJeeffpKfdU1v7apQaVrGXyV8jttadWdgPy58PXythZCfyO1uEZihK8qAGtGjnv3euyj4SHOpMVT0G9ssGr32YE8Ls6AW_rbx2fhT9PcwUrHyuZHSCBicj0cdZn4H-IyouRI_rDA0n2aCH54anaZl6LO33j7SWM4RfnrAo_0fePuWAaMu0KCbAbw7J1FIX8MClMBCvRj2i73MjhwzIuiGOKAN0UjAU4dUa9Xe2ak2PpTf6oLA5JWQPYMdbXpZewEh1jbe4z8Y4nbl_T4RPjSSLx7v9G6enrbtSuSStypYpnwKfaK1oDq3vfti_2MSrM_f538F98O1jkDWVl2Mz8bnSWWTRsz4ZqiMqbLQuQnoaRj80xckiB_xk0tU6N6Kd9yuNPn0JpEq8uu26sGuaIXaX0rerAkuvl2IcarQWiAARg9zL3_lSixpl1TicX7qM1yV0EbEsatZNlcWl-P_vhkTozlSeghw5A_osQOqja9gNlIBUfveHlOObQjFY-zb1JSMokLq58quNnM00ge5p1sY_URgC6Z8_0OEjAKy-Pn6dP_cjV5h64Y4BcDdXilXEsw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B59 0
0 124ms
123ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307110101&jk=2089841513070336&bg=!k5ClkMTNAAa3SiIRl0o7ADkAdvg8WjfzeFsGLaYg-7X0jzuDL3e3nEwbEn1Go70PLpdIkFhz8_3J4esoa8IKp4lYHI81JnrmdNwCAAADd1IAAAAKaAEHmQK9bsAHabcuT8vyOpPUr6eNUO5g38Fas9-AJAJgMLIVDUdtdhFxH4wPg80leYUrUS8Z5buu4s0gNTV25Q6Uvg1-mlw3oHYIIhhPd4FSeCCSKU2dhFmo_NK0dWO4Tuab_ImVntCQHTIxET6D93baTgS6Q2FAsGKti0O68UUCIiNmxwIko3p1J9uQEZ57mQcgIi-oLZHjFEzrZN_1qON3dO8Gxm3YdMRG68CnY9Fka9mJG1HHnGd-AHas_svrdsMd8BaOaItRHqGovxCYCnpOyGzbfrH-QdDk9wpP9czSMMa7yySBbHM35sD0MsdMOlSM5TAiz-Guz-hcScHvzqhzP6PTlxFRTLz-Z9Ly6ne-WoNNvG5S04xXmTTLi0OKqnqDnv_2oYE1sG0N55_xUteABr6JHvn1DFUAhMHKp4V6ZQ8dLPQMZNmaKvPgkGIp8eJkH3g_6lDA8AanwhSlDAlYQxuHyivYjrwzkamrL0a0YqB8-ACXrulbXixT1wHdMBeD23TGG_hidjcPtGKch1pWMVIJ3g_GYppYRqcXwpm4JK8vuDV2xA549hqBQD95w7rx0UeAiuroZCsUHdxwplElJtrLGE68nqSyvp55mCJ-oyoVZ22wj6pcLEoV1T59_vnSW42LQOSFRlZMm2B6nP0ZSujHd1Xrq6JX3kRqkliJBZCLZIGyFJbbWvJcjN5AxhYvds_pKz9W7RoF3hlq6dBiUw70yBu_zGS_ONCB3TAdaQHUCCPsa_ccm_dLsiLIbo490eTlGUc88Pys4OKGZrC_i3EIySdCUp3RN8eesIy3j0xkvFW4mlen_EB2-IMt_-1Tz7Kzh1Mi1MI-i00yhrLnLX9MFWYBlUYJ9f9Ij7uUf6auQlgdnDYO9pYWaDetNtzTd084hPdexuFudlKVr8r2sUROHOla25lWVna2bVP36Ww
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 555A 0
0 124ms
121ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230718&jk=1001511130419173&bg=!g4ClgNTNAAa3SiIRl0o7ADkAdvg8WgDNmwXr97SUpWOoZYLyiHlE2Ar6tiI2QhZ92dUTHsyg9XkPlHBr2ESTGQKbz5Bw2o82WiECAAADuVIAAABlaAEHCgCpYeygP9F4eOeB9a9Z5fqGnGScF0HVM690PFYXjN8KN-wHXwmZgxKc7g_qx5kBckHLvTuoZfvQVVvggizNmGerZP5XeTIHezj-CryW-G6N7wIuuOaLFZF2sZwsHU0MYfYScviROOiPSfHyVWIu6MRxxg_crKCr2smq05A2tfLFhlOkc6HtU8uL6pwgqiK-oTBEXehwrmZXU0eH6CoeAYgQtCoh1cDnIwFCaJkCzzlqCdMToc_xdd5odxeCdV6ZjwMCHO3Iph1yVxD4kPLtwZKhdx5SdIuRIlVzKiZCoid0Ny5_3_2wsZtIlyBmrqylTCDtYi1JdxcSNnulpCiN5fnEAmjCSDmIuZmSrn5PUgkL1jQs1KS_Y-0PQYu9-G8Yehzixml93SbC64uZNEaZNR5lNYxDDWfFoF1YkanZO17BMYRiH3hlBHLsCNr-HENDgcybxgbzaBrwOAJJoZmtKBcc7Lax1x-lF7NcSf5tqoCHtICD3g27FrS6a8F12MAiGRdHNVD6NO7FaQHlr8AbW03VdpnVmNvRyUh6N1NFM4MFADhNQAfYISpjMQBYvO8gW4IVC-3hZ-53ZOF7h-Y2jbz8-KpKiQ4j-4MHUmJ6CjKVeXMZ4dIHw95Xm0gNp5vGmyn7c2cu_9dLtkDA0Tqmtz7OfFR-kTSWPycyXkwYJ3UWCgV9CAk6XnwnhH2omLHMx4T3lSsdunqm2WBoTBDqhCt1mU07Cp8To_RoeZMb-AXHkfq8DljrYvFVv9GKh6cs8MuMKxAe97LDZ2UtWDaPR0C4ZdMX24oyTtfOCQ4TRsFKguWpG3la69zOAJzLn4kkBtSwRsY7ym2gPwcUMqKgQz7CJbweU22xFeQCQb0kMgYcI2Mvu904Li1FiJ3u3yhnjgCkFzjx2AdTxV3Klx9revYiWP5y8CoB-V2XUKsYtjiiQHU3JwfoxkEx_SqbOXQO0Ybm2utom4xPrYxSlrs8gjFguFWgVvgAnkoSiiG1CBwwXWhn2nSZcLsL4MSguP4xNtzTpMBZmJRVVG5diXEbN0Qa89Vgpv2eVziLNEZvm4nI8DyusIeTCEzkzf_2H8oiXVKVM2fvHSJVwRjuvgDkIC-IhKsEzgmvJF0sENabJaXjqQVwxSUsnXUmtGK9CrEraWNpmnv1_MxS1d4yMQKtQrXZrlN-K8wvxYjxgkTG
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0FC4 0
0 127ms
121ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230718&jk=945564327745355&bg=!l5SllMDNAAa3SiIRl0o7ADkAdvg8WvOFHDxHQGLaPlq7CPfkgbIXZiuhTDFjvlxG8RVnGN82ZLO2SQHUu-QvnUN6tQ9WKRYJnskCAAAD0VIAAABaaAEHCgAxiBHgjFA7BNv9gQQRPk9jurFQW0FFU0Po9j1lC6aC-2p2IErEYV2IF10Y9neYbkNaV5kCsEGX19iKgF_ZtTv4OFmiGWOvb3Vk_bxDabrXEcGUtD79P7BfZ1n-wB7nyrCLdkfZqYtJqx4pu5hYccM10Nam-ZbzdycAfbXKp2uyEGf2PHqVSB6u6zxD_a-KGkVUCvktmDEA4zzQPoGEWAFQRrxSd4elcSSLozTs2IcTz4p5i9-eCkNNPZI2natIHqdVGw1DGeBiUMsOrZsYCkGn_KzqdtSG333oKj2_TJBW-3KRTsZAThTyAn1EnUCeyExCesrJZjCbK7Ms5mt7uZCyPPgfo9PygSVBLkHHtePPFhEmE5PFwTxAO5wsvQfdX7aarteXT-zYqLWfz2_ZILdJa68B03UjAhv8q62_gSlfEjaKKCKBGSOLOAWSpF9ZI0Qs39gkEZ-ct2vxkh1uYIIAK-rNRSKvts7ge7GP4qv0bfdCo6MPac-pQjaSQxF85imJm15up072aICaTiZAENEDvPngTHIOrXINwTqL-Lu8loooBhFBx46zwsyQtsfbNu0qpLlZxHh4roP5kwLbY19pc0Rdqto21UsM5Izn6bJu3MV3gRWQ157W5YtOTKZkRPfKBW9ERmevNWRGt7pGRd3ZTQ5xvvnXJ6a8SLp7HdZVQZ3UJvNeeXV4sbsZ6dnNflEPp8ONSxExYJ4mJY6kMCqEn-CaB2f2sIKnuiQHVPX5C0uH10rburmJFFOte73Cmbkq1_qY4cen-nBdYlyHRwtLCgdc9oyyhjLDYofmSLn3o5bn0Lk9Wr1TDUjBIZTtRq9ooKo25vGsw1X_I-SESZtSGduLoucmd5tOFmDFDEW-hQjDnf-14-9MhbbTQWcc9lr5sgcCB_n_ajG_Qnqv1qG6p9aCto6kBa1i92nBMPUWB5rNcnwl0Jh_PNZ4zpydyx0GSsS-k-QXNk_ltWK6lKMVRKOVtyE
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame DC8F 975 B
752 B 66ms
66ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11510
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fq1plDlspfXpcgVkyg%2BOYTU6H4U%2BDw1y7FtfFfyV%2F9aSJwL6K2BEbsQYnfqNccl2ATTUFHQQq0G%2FIerudUN00RyFJ0KLXKspkYL9CI0ncal%2B0lzvMMsTkcXiRQZFSaCvMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e942e685e3b69fc-MAD

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 3043 975 B
750 B 62ms
62ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11510
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHZq%2BfIhDr5JMXTaXyjwHYlEBQzT%2Fy6YtS73iZndh2hPzCBh0q5EoS%2Boqtpf2Cdj8LnVJEg5ogyvkA2F6ZygiqaUSywiHP912CcjGlC7sVjJ%2BwAhLCpXiFpzmRqx6z9Baw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e942e68ceda69fc-MAD

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame DC8F 661 B
1 KB 489ms
203ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.23518346256502332&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:08 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 1793f743-5435-358e-a9e5-4d51ccea85a6
X-Adtype: html
Connection: close
Content-Length: 661

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 3043 661 B
1 KB 476ms
188ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.5325758555343121&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:08 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 1793f743-5435-358e-a9e5-4d51ccea85a6
X-Adtype: html
Connection: close
Content-Length: 661

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 91ms
89ms Ping
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5857&cid=amp--Px2W6jhe3xns1l7guWNZw&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&dr=&dt=%E4%B8%80%E2%80%9C%E8%8A%AF%E2%80%9D%E9%9B%A3%E6%B1%82%20%E8%98%8B%E6%9E%9C%E8%AD%A6%E5%91%8A%EF%BC%9AiPhone%E7%94%A8%E5%8D%8A%E5%B0%8E%E9%AB%94%E5%90%83%E7%B7%8A%20%E6%B1%BD%E8%BB%8A%E4%BC%81%E6%A5%AD%E9%9B%86%E9%AB%94%E6%B8%9B%E7%94%A2%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1689782464&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=8634&epn.domain_lookup_time=18&epn.tcp_connect_time=529&epn.redirect_time=0&epn.server_response_time=1091&epn.page_download_time=5&epn.content_download_time=1739&epn.dom_interactive_time=1739
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 78ms
78ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E4%B8%80%E2%80%9C%E8%8A%AF%E2%80%9D%E9%9B%A3%E6%B1%82%20%E8%98%8B%E6%9E%9C%E8%AD%A6%E5%91%8A%EF%BC%9AiPhone%E7%94%A8%E5%8D%8A%E5%B0%8E%E9%AB%94%E5%90%83%E7%B7%8A%20%E6%B1%BD%E8%BB%8A%E4%BC%81%E6%A5%AD%E9%9B%86%E9%AB%94%E6%B8%9B%E7%94%A2%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp--Px2W6jhe3xns1l7guWNZw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=8634&dns=18&tcp=529&rrt=0&srt=1091&pdt=5&clt=1739&dit=1739&a=5857&z=0.37182107661682506&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 19:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73916
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1377 80 KB
27 KB 157ms
156ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2ff10d3eaa13e3b0873e5041ae9124f09d97de01462981b41a041155b27c331d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27575
x-xss-protection: 0
server: cafe
etag: 996 / 19557 / m202307120101 / config-hash: 9362120658740059525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:08 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A46E 80 KB
27 KB 191ms
190ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2764ac86322bc32fd74ca3e7a00cffe2667842f3fa343ad67c5ab07f45b110f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27571
x-xss-protection: 0
server: cafe
etag: 347 / 19557 / 31076190 / config-hash: 9362120658740059525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:08 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/ Frame 1377 391 KB
125 KB 83ms
83ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 11165969021637306507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 14:33:38 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/ Frame A46E 390 KB
124 KB 81ms
80ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5584db8771fd9d24aeb0c3887b9c6922a72c73e6af5382d594003e3cf1315bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 15:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1381
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127219
x-xss-protection: 0
server: cafe
etag: 4991179400440994909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 15:38:07 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1377 27 KB
12 KB 137ms
136ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063048848578592&correlator=3196960452790700&eid=21065725&output=ldjh&gdfp_req=1&vrg=202307120101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1689782469015&lmt=1689782469&dlt=1689782467952&idt=925&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=va50tczdzqu5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1419633.1689782469&ga_sid=1689782469&ga_hid=505363976&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d6d43e5d989d40ebd2f7648df5948e338694b137f796e80329b371c04aad55f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11964
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1377 15 KB
11 KB 132ms
131ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ffafe3e4f891400194ce6d0e4b5d39b71559376a4e247df68d856ee8b8ffda7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11661
x-xss-protection: 0

GET
H2 200 container.html Show response
98cd7532ad41db1a17570566097a5e7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C213 6 KB
3 KB 113ms
95ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98cd7532ad41db1a17570566097a5e7c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:09 GMT
expires: Thu, 18 Jul 2024 16:01:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A46E 25 KB
11 KB 556ms
556ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1809158555740170&correlator=938594859945939&eid=31072019%2C31076190&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1689782469120&lmt=1689782469&dlt=1689782467938&idt=1137&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=f0iwf26o0o5k&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=518748943.1689782469&ga_sid=1689782469&ga_hid=347188448&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a3b942f786a760a586e62b91aeb9f9e661c28295b107c215c1b3a69e2a4bb33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11458
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A46E 15 KB
11 KB 144ms
144ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f529175b3d44528280680ae6e24e3292d226685d09c8818b77984886b7b20e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11684
x-xss-protection: 0

GET
H2 200 container.html Show response
d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 35AE 6 KB
3 KB 135ms
96ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:09 GMT
expires: Thu, 18 Jul 2024 16:01:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1377 17 KB
6 KB 134ms
133ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 16:01:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A71 0
0 137ms
121ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcC6xjvAZ4U2ND8u2OhtBa8_MF23ntvPq3lHNkWm4QIq5XU1DNig9FPoizO-Y0gJL4QkqeettGWbdH_RprUoM7_6gW3op5pbTZj5lhr2p7bJTGxIthexrserJ3oO5UauUYw_yDUJTqGAGHnuWJaL3WuNK1mke07Bzuj10fyI4uwH1jJqhgqUELJIO51u4sIFYOsTa0dB59ouQm5bQVZXlNtboB0s9wFc3_HoNWEeyKak_Pl44ITvniNjXOo9C_JqGc0JpiWgqPfmuMSCi4-ppz_vLJtpS3s_jVN8SQGQ5MkiCmOYD6xHeAowAmhf-ETh07cAu1tLpI--hu_Co&sai=AMfl-YQyv81D15YSfXp9v4oKI24pLkABAuTL7PSm8N0luXLXHPjU-OTpLToWacEViNYV8tEBBze9daCtPJhtGs76Fwj0PZx86oov6SvELw&sig=Cg0ArKJSzMIUXbVelaSJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 2A71 31 KB
10 KB 66ms
61ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 20:42:01 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 69548
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Wed, 19 Jul 2023 20:42:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A71 179 KB
57 KB 395ms
157ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:09 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A46E 17 KB
6 KB 130ms
130ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 16:01:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE47 13 KB
5 KB 81ms
80ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 15:53:41 GMT
expires: Thu, 18 Jul 2024 15:53:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 99C4 783 B
766 B 111ms
104ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

801a26d10ff811cef0a29d2aa1367e292476c3b12f32417203c8693ad0fb51fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y4yM33PbOWj9aCzmb6NA_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Y4yM33PbOWj9aCzmb6NA_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:09 GMT
expires: Wed, 19 Jul 2023 16:01:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 688A 13 KB
5 KB 95ms
94ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 15:53:41 GMT
expires: Thu, 18 Jul 2024 15:53:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C41E 783 B
742 B 133ms
131ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

5f59a3c29654bc266fbde5f87601b4e22800a57afa5b6034eea33f4587149d74

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iZIQ2FXmFQRsRUTrNgq1vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-iZIQ2FXmFQRsRUTrNgq1vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:09 GMT
expires: Wed, 19 Jul 2023 16:01:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0335 6 KB
3 KB 134ms
133ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js?cb=31076190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:09 GMT
expires: Thu, 18 Jul 2024 16:01:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 99C4 0
0 121ms
120ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307120101&jk=3063048848578592&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame AE47 37 KB
14 KB 87ms
86ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 2A71 80 KB
30 KB 339ms
94ms Script
application/javascript 87.248.119.252

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 15:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 44X92WHXKQE4KN4P
age: 91
x-amz-server-side-encryption: AES256
x-amz-id-2: XuKg/pi0ye6/UWH71ZuKbF8ejsar4vzzKJ3cUwp2kwOzgbI85c6H1ABudf9JL01duQhEOdZ1YRo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 2A71 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba60ed020a43b48e0397544684cd41dd7d804657f6c94dc50ce11dbd561596d5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
784 B 545ms
473ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689782470893&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1534&pt=-1816246199&tz=0&viewable=true&ddast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vG!ul139332-442_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 394498f935272797b1683f43bef6d876bdd4ee30870ca63b5888bb4df55d0aa8

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:11 GMT
content-encoding: gzip
server: nginx
machineid: 1413
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 246ms
246ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37h0&_p=5857&cid=307186879.1689782466&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1689782465&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html&dt=%E4%B8%80%E2%80%9C%E8%8A%AF%E2%80%9D%E9%9B%A3%E6%B1%82%20%E8%98%8B%E6%9E%9C%E8%AD%A6%E5%91%8A%EF%BC%9AiPhone%E7%94%A8%E5%8D%8A%E5%B0%8E%E9%AB%94%E5%90%83%E7%B7%8A%20%E6%B1%BD%E8%BB%8A%E4%BC%81%E6%A5%AD%E9%9B%86%E9%AB%94%E6%B8%9B%E7%94%A2%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 90FF 624 B
400 B 174ms
151ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjUqdDGATAB&v=APEucNXGobxgzb02sReMgQD3KOysYSt0T2iPrwtAd-tc0GYvijaEOTpFM-APMLOTP163orP5lVdgNbHY1s1FOz9gpqpmjMgnAbObNyyGTflFSwxl2IGgy20Ox0RTecdt_InaUhwiraYOiAMvmg8A517GN0iqskJ6bE_bqKnYoi4hqqBfAO3qeTc

Requested by

Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 16:01:11 GMT
expires: Wed, 19 Jul 2023 16:01:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0335 85 KB
29 KB 485ms
484ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 42 B
63 B 149ms
148ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ArAqhKcZSrJSjVoLArGi5x0iE5skScQiXcImuijOcmL23JCS1JreUr9Rb0YNV3gOkGltbHrvJxeDN54CdO_azrqsZciy7064anm67KCix8sFzcSB8

Requested by

Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 0
20 B 203ms
203ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3383592892645226115&x=1&ct=77

Requested by

Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 0335 3 KB
1 KB 100ms
84ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:26:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 0335 20 KB
8 KB 83ms
83ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:26:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0335 0
0 125ms
124ms Image
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0M8rbwx23YWUgay5zeuTAGhQA-a3SBuJyqlMc8Qjb5t-_EK8MzT1W_5k9_vZHX9lrYKTJPthuEgFwtY8npFXxuizrZg
Requested by: Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0335 179 KB
56 KB 181ms
177ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C41E 0
0 387ms
118ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307130101&jk=1809158555740170&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 688A 37 KB
14 KB 367ms
187ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 90FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOZs3K4O8EKt6AKTeY_hYs&google_cver=1

43 B
766 B

118ms
112ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOZs3K4O8EKt6AKTeY_hYs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjUqdDGATAB&v=APEucNXGobxgzb02sReMgQD3KOysYSt0T2iPrwtAd-tc0GYvijaEOTpFM-APMLOTP163orP5lVdgNbHY1s1FOz9gpqpmjMgnAbObNyyGTflFSwxl2IGgy20Ox0RTecdt_InaUhwiraYOiAMvmg8A517GN0iqskJ6bE_bqKnYoi4hqqBfAO3qeTc
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 16:01:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOZs3K4O8EKt6AKTeY_hYs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 90FF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLgIx.mEDbQwcPtnizxnkgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOZs3K4O8EKt6AKTeY_hYs&google_cver=1&google_hm=2

43 B
766 B

102ms
101ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOZs3K4O8EKt6AKTeY_hYs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjUqdDGATAB&v=APEucNXGobxgzb02sReMgQD3KOysYSt0T2iPrwtAd-tc0GYvijaEOTpFM-APMLOTP163orP5lVdgNbHY1s1FOz9gpqpmjMgnAbObNyyGTflFSwxl2IGgy20Ox0RTecdt_InaUhwiraYOiAMvmg8A517GN0iqskJ6bE_bqKnYoi4hqqBfAO3qeTc
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 16:01:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOZs3K4O8EKt6AKTeY_hYs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 90FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG7VjfJqhNb0ZtGfzZiE6B4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7VjfJqhNb0ZtGfzZiE6B4%26google_cver%3D1

43 B
892 B

261ms
249ms

Image
image/gif

185.89.210.101

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7VjfJqhNb0ZtGfzZiE6B4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjUqdDGATAB&v=APEucNXGobxgzb02sReMgQD3KOysYSt0T2iPrwtAd-tc0GYvijaEOTpFM-APMLOTP163orP5lVdgNbHY1s1FOz9gpqpmjMgnAbObNyyGTflFSwxl2IGgy20Ox0RTecdt_InaUhwiraYOiAMvmg8A517GN0iqskJ6bE_bqKnYoi4hqqBfAO3qeTc

Protocol

Server

185.89.210.101 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:13 GMT
an-x-request-uuid: 2d229302-029b-427b-a4f5-9a0b4bcf3059
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:13 GMT
an-x-request-uuid: 435d86a9-2dfd-4c21-9e3f-614f6abb248c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG7VjfJqhNb0ZtGfzZiE6B4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90FF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxODQwMTY1MTYxMzQyNDIzMA%3D%3D

170 B
188 B

338ms
88ms

Image
image/png

142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxODQwMTY1MTYxMzQyNDIzMA%3D%3D

Requested by

Protocol

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:13 GMT
an-x-request-uuid: 4ece6575-c67f-4f9c-9131-d4ac351fd851
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxODQwMTY1MTYxMzQyNDIzMA%3D%3D
x-proxy-origin: 91.250.240.59; 91.250.240.59; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
254 B 169ms
164ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AIL%3AV&lti=cta_maxwidth_ctrl
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 105
date: Wed, 19 Jul 2023 16:01:12 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 100619
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490048-LIS
pragma: no-cache
server: nginx
x-timer: S1689782472.994940,VS0,VE105
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 0
20 B 143ms
142ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9787720649024&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0335 0
20 B 134ms
130ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9787720649024&version=m202306200101&ct=77&x=1&cor=3383592892645226000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0335 16 KB
12 KB 154ms
137ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmfINg7iCoRaook4Z4T272GLOx2q_Bsr4FzzhEAFAvKYrqtOm8gdxLXI9RDesbKQYhaQRaajVGg-ihzR2TZUVM4ZrViqGeRksuWBHmvpBKKrmg5aJMuRGydnEBZDGwt6Nf1JsJ5oET4RpKe-Jil_hMezid59w6ghwJHBXAQbi2u6UuV-s&cry=1&dbm_d=AKAmf-CbmD0gexKJxe8wLbDKq-1GUBVKACzWQQGuYcUeWqi1hZcwBNvTsQBzgEtvOk43x0cCKr05sFZVAEHeaqkz2ZNSB4TUMLDzFb1iZMYHeV79G_AaATzJEqTmDo2qTN7cREx1ELPeyy7Mx17bEaaG1iVnko4fixbXUzF1KrTO1BuqXi1mB4V2dPGhkHmHpxJLXJlUub1NZtwjfqU8zv4LKu86vwZsNVRPhDCoI-G3C2qp4vBsT4uoUV_7JPVqO6pawXsGiGY8UULKD1LaTxM2iTRnMIfeYogP2Tb8v2KJboKIX_OAZHOkjOpCdDZvd31yE4b6oYXtu3DhLVtsOQXKtpjDDa5uZeOsBOoUJTgzonh2cyL7poAE4eQCj14UuV23yNbhUC5_jy2PpnNVdhuZ7t4mE56nkRsbezoI5vFXJm-dNYie3dThq0rBcPv0FTNBjQX3U2A0bjiftisUJqTjR9dPk2sl4mNx02SnaaBLukGsrWXuGh-lgJ3aYp4wC0q1-mzKQigs2fQgPT9dhqcYczwVP-gY6Kf1jG-NvG8UWkc71RFU5rbXYypf5YrgVqEAEo1InOA_uHGj3tpqllldmTUFT_zIA6_RCbvvpj-FVjHto04UBfHnuFPKTsRGlQ4bc-1U1QVHSK2Lg7tjbaeVDoBV2OYyEd3a_jLRMDICPEfyWuIEJ6Ag19izmhkvL4McnUG-rY-7znnVl8cAtSmZwzFj2WRsomNPFV0J4bZ0FGfYqR4SfaFu6RaJfUoCNIexUNaDeRk3LNAGnrbs9pSllLLCk9RPiSdkrGRX3rMwyXNn_12x7ACGzhgZJG0JOarWh1g92caByfdkHkUxUqMeGDoEPV5ZHKAWH2RQIT7-2bazrjShuKg1_zmkpeSvOatHHMaVfyLBMkZodrgKcgSlhlChYXOpylD6oxLEFKFs95NT_4L-ucuxr-l_ynzhfD5xFV507rw4vptCXk3_QlLF87LdI78X5BCy8zekcoETuwyIUw9WZZ5s84yJAi3KHT6TSIRcqHEMCBXwWqXyIU1KyhDvg7V4UvaO4eL8u0mjmDSg1llrsUqkRxvpV44sGDT0qHj-BdaeF-TV5UISrESixN6kGoqdCHetsmvSoJolmjwDVJgzXNBk9FdjWZsnhDs_Iay9Cy-K_xnsckMCLrhbBWSmEkpq8o0nTyp-5_xDLx_AKvnffkb3wDZq0Js1ayqz2-wruN_OaPx7yjv0n2HD2WzRk9oh16INXkwDkZ7-51t9nwuh2iH0UUCK_HjCr_0oNFUEMfp_btXPIdGuMJNmoIOdNAsagMT-GBGPZzq1_FESvb_DAasHNdeHUckiW06W2CpW73c_MzFp2lmHsw1YjtZwKhyucaS3Imzzqil1c-uhqH6ggtxiqoAu5Z80Bz276pg6OPVj-Qe51-wzLhxjBAorzK7kZCzVOYXFEBdrabA25wXqxae3ovZsnLYFCLy0VVEeA39ItUFbiPf7132rhlqhHf9RA-nDoXlYhSRNXAaKaOdDY7qywQgr5i_Elg3UddsRd2oCHqOXrvDvGoPwbFhl4KstQ-f3wb5SBRqoRzq1jWVZdA6aNbeiRA4TAxzQp_ty5PJAFSRwxHNS388664X4JWNYjKKcSsocGf_00kIOWZwBgneKiafKp-jrnsZV24JNtyPRDcWNjtemxzqeSq7Ytwt_ZKNsub0MDFis4vhbh0vSxRwsHxeWuBPBotbfjVOe1Id5MLGzSqfyNlxo-jaSAn-K75PHzoLxzNqsbXZh1PtgCG1dNwJT1oj2G8PtyqiJ7iGNge0q-DvkRSGQfDbzWLm1NAE_87n4rh2QkE1C9GQBzP2QM6aUBBNkNNrEuKmOMoONyLdtsWPotmCw1FjtvZnCahNFhzg9y4lNpHguZ0LR5t3fFKDZDqsTuJvCsXF3IJMDZ9TTC8z7vEi-B-hFPqXWN0dfu0k6JFKTFLfeGkrCQRceL3iistX4fZjFl4qSgwEg98Nq52W-lEcIek3lbpdiDuxv2jHBLh_wvTDoml0RAY47awuF1bjY3o7UsXOgoomqBVWb3St9t1cmO-zguaw52HI4lU0EtJ4Y8C8YMJxunGV7j1s4C8lgin_Ygen6byE90HChEF9xQsndQ_rOSK6eF65UbArff8YD1dF7P6rDzhLXG9ZAeMDIj9REMA8NIu19wBDclwQdRPc6GCupCaS7EkMmX5HcE2WSEEXOFn725UWAcGr5VKO-2XzDOiWkaysIlnWwplOz90j3IQC0S4roFNLcpfvNzWHQnvyIAnyaqQFPUiwvCOWBR9g63p04hzQb4NzBdAD_0_fWpU-YuHx8zWonPMc_y4KDvuFa6sGk98Br5ZldpcsMM96sTKPZHuEafUrgrDMMZ-eJE1MJ5uGN6dI270MS3ABtloZ-lD39JbW_itW5qwRbhct9hiTVyjPgyMP2xt9yr9utTjgavHLNxm0HMOUydUZTLUAFo2Jp5WEdbkBqvla100Sve09wEWDuYqojJsrLxL08-2wze1HnceezrDTfSmzIpgbfclxVg1-Aphb9mZEREnP2JcJqBfVSFq1__qtB_wkeggeCRoX7EpdZtpD8hWjJQ1NKKcoHMSs_LtX5YbtXs09sfad7s_plgaf0gYg5jduSitSHLhoQVB8uoeaXHMbP0QuOq4uoDgwEVnDu7H-G-W2ajGHMymBfW2QJyKGydMGT6uBMc576Njz1rmW-Z6y1z_t67qe9yr49tvdLCh4ORJbkwB_86hlDrhoeLrJ6RFMpJi8_TuNcDq0vsCxRTEL0Mjm9ePpWjptl3Gdd8duhgCt1RIsMOX0jmbHyMZikNgEtB8ApiMVMQFoPzQAnZB9OJen-aswRuk7ibVi37gvy9sfh8ldSR8gGLTDoy12vsGrFt_UOihiIeOfH8zaIDIyBC2fCCbEUeHTj2qY287urIxQNtGlDU1XOAKe2cR-KyQfarOd6LEvO2rR1tT3eLbBtvP1MYeH59dl0axCdGO7Zlpww5q9Ozh7Q8v4E9LmTXnpDSKTViK6FihRXvyKxGRJQKGGEhMQvRg3j3pGIOxC1yLAsMFk4DOLot0cDakXJ0nZxi8XGaIOsg32XKDxnCppQtH2fL0-v5oSnAt6GI4PIpfJGivcAXGOcEU_3_6zA2gQxK0rZJMW9qhGTesYp4mlc1prmIoRT9A8_gzggvjy5kUcx5zz5nwc-_-qoAg-3R3meWkU9vPLXre-BpzZ4DqcvTlKSBwB-vedlgFW4elKEiCBzzts7isWehfdFi7DVmiJx8z1DZEWZlQOEVlg8sb4rpLh9P3YJlgJDmb5vlET5cLdLIhCzaHQ6JZQc9FRLIzobl-oPnGdDi7frhOvB1Eashin4SNEua90Sjw1d7Zz2BbUhhFXIjibLfAyc_ECng3fjRd6c6tPitx6KBph6A05ENE5LzKvo4jx81KAJHzZ1-hNCDyoxQ-BD_vf6QDXN3MeuUSWMrPHid28jq-0LA-WM4z2wz_Dq6-1xLeefkOb6v5cgE7mbWe5kZ7zrht8awgBhT69MMUNstGypDfoUz1jdBydOv6QARWNRsUseVDNHg4Y3LO9obhE6n3ApPjBGVF4iHvZdUr3B0QoCrxEkJLkn3YOKSgsgSYOLNFulTyz7tTHzHaTk81Oi3KX7nTG-e5SESWySnokcRp8vwJt_d8kgzj5wYfDLJC4&cid=CAQSKQBpAlJWXrGABhSCX7eFlQRk8SVg8VIaoqiQlUlgkRgyUEk_efDkBfOkGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3383592892645226000&adk=1423868179&idt=592&cac=0&dtd=162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3008c20a8b77f0d280a3b0cd561406c22e3ddc022cf1358c39573478234b9dab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11899
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 2A71 290 B
623 B 1184ms
129ms Script
application/javascript 87.248.100.136

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Wed, 19 Jul 2023 16:01:13 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 10
x-xss-protection: 1; mode=block
x-request-id: ba60bff8-9e69-4d7c-b577-a792affeecda

GET
H2 200 b
geo.yahoo.com/ Frame 2A71 43 B
366 B 1155ms
102ms Image
image/gif 188.125.72.139

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:13 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0335 41 KB
13 KB 118ms
118ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmfINg7iCoRaook4Z4T272GLOx2q_Bsr4FzzhEAFAvKYrqtOm8gdxLXI9RDesbKQYhaQRaajVGg-ihzR2TZUVM4ZrViqGeRksuWBHmvpBKKrmg5aJMuRGydnEBZDGwt6Nf1JsJ5oET4RpKe-Jil_hMezid59w6ghwJHBXAQbi2u6UuV-s&cry=1&dbm_d=AKAmf-CbmD0gexKJxe8wLbDKq-1GUBVKACzWQQGuYcUeWqi1hZcwBNvTsQBzgEtvOk43x0cCKr05sFZVAEHeaqkz2ZNSB4TUMLDzFb1iZMYHeV79G_AaATzJEqTmDo2qTN7cREx1ELPeyy7Mx17bEaaG1iVnko4fixbXUzF1KrTO1BuqXi1mB4V2dPGhkHmHpxJLXJlUub1NZtwjfqU8zv4LKu86vwZsNVRPhDCoI-G3C2qp4vBsT4uoUV_7JPVqO6pawXsGiGY8UULKD1LaTxM2iTRnMIfeYogP2Tb8v2KJboKIX_OAZHOkjOpCdDZvd31yE4b6oYXtu3DhLVtsOQXKtpjDDa5uZeOsBOoUJTgzonh2cyL7poAE4eQCj14UuV23yNbhUC5_jy2PpnNVdhuZ7t4mE56nkRsbezoI5vFXJm-dNYie3dThq0rBcPv0FTNBjQX3U2A0bjiftisUJqTjR9dPk2sl4mNx02SnaaBLukGsrWXuGh-lgJ3aYp4wC0q1-mzKQigs2fQgPT9dhqcYczwVP-gY6Kf1jG-NvG8UWkc71RFU5rbXYypf5YrgVqEAEo1InOA_uHGj3tpqllldmTUFT_zIA6_RCbvvpj-FVjHto04UBfHnuFPKTsRGlQ4bc-1U1QVHSK2Lg7tjbaeVDoBV2OYyEd3a_jLRMDICPEfyWuIEJ6Ag19izmhkvL4McnUG-rY-7znnVl8cAtSmZwzFj2WRsomNPFV0J4bZ0FGfYqR4SfaFu6RaJfUoCNIexUNaDeRk3LNAGnrbs9pSllLLCk9RPiSdkrGRX3rMwyXNn_12x7ACGzhgZJG0JOarWh1g92caByfdkHkUxUqMeGDoEPV5ZHKAWH2RQIT7-2bazrjShuKg1_zmkpeSvOatHHMaVfyLBMkZodrgKcgSlhlChYXOpylD6oxLEFKFs95NT_4L-ucuxr-l_ynzhfD5xFV507rw4vptCXk3_QlLF87LdI78X5BCy8zekcoETuwyIUw9WZZ5s84yJAi3KHT6TSIRcqHEMCBXwWqXyIU1KyhDvg7V4UvaO4eL8u0mjmDSg1llrsUqkRxvpV44sGDT0qHj-BdaeF-TV5UISrESixN6kGoqdCHetsmvSoJolmjwDVJgzXNBk9FdjWZsnhDs_Iay9Cy-K_xnsckMCLrhbBWSmEkpq8o0nTyp-5_xDLx_AKvnffkb3wDZq0Js1ayqz2-wruN_OaPx7yjv0n2HD2WzRk9oh16INXkwDkZ7-51t9nwuh2iH0UUCK_HjCr_0oNFUEMfp_btXPIdGuMJNmoIOdNAsagMT-GBGPZzq1_FESvb_DAasHNdeHUckiW06W2CpW73c_MzFp2lmHsw1YjtZwKhyucaS3Imzzqil1c-uhqH6ggtxiqoAu5Z80Bz276pg6OPVj-Qe51-wzLhxjBAorzK7kZCzVOYXFEBdrabA25wXqxae3ovZsnLYFCLy0VVEeA39ItUFbiPf7132rhlqhHf9RA-nDoXlYhSRNXAaKaOdDY7qywQgr5i_Elg3UddsRd2oCHqOXrvDvGoPwbFhl4KstQ-f3wb5SBRqoRzq1jWVZdA6aNbeiRA4TAxzQp_ty5PJAFSRwxHNS388664X4JWNYjKKcSsocGf_00kIOWZwBgneKiafKp-jrnsZV24JNtyPRDcWNjtemxzqeSq7Ytwt_ZKNsub0MDFis4vhbh0vSxRwsHxeWuBPBotbfjVOe1Id5MLGzSqfyNlxo-jaSAn-K75PHzoLxzNqsbXZh1PtgCG1dNwJT1oj2G8PtyqiJ7iGNge0q-DvkRSGQfDbzWLm1NAE_87n4rh2QkE1C9GQBzP2QM6aUBBNkNNrEuKmOMoONyLdtsWPotmCw1FjtvZnCahNFhzg9y4lNpHguZ0LR5t3fFKDZDqsTuJvCsXF3IJMDZ9TTC8z7vEi-B-hFPqXWN0dfu0k6JFKTFLfeGkrCQRceL3iistX4fZjFl4qSgwEg98Nq52W-lEcIek3lbpdiDuxv2jHBLh_wvTDoml0RAY47awuF1bjY3o7UsXOgoomqBVWb3St9t1cmO-zguaw52HI4lU0EtJ4Y8C8YMJxunGV7j1s4C8lgin_Ygen6byE90HChEF9xQsndQ_rOSK6eF65UbArff8YD1dF7P6rDzhLXG9ZAeMDIj9REMA8NIu19wBDclwQdRPc6GCupCaS7EkMmX5HcE2WSEEXOFn725UWAcGr5VKO-2XzDOiWkaysIlnWwplOz90j3IQC0S4roFNLcpfvNzWHQnvyIAnyaqQFPUiwvCOWBR9g63p04hzQb4NzBdAD_0_fWpU-YuHx8zWonPMc_y4KDvuFa6sGk98Br5ZldpcsMM96sTKPZHuEafUrgrDMMZ-eJE1MJ5uGN6dI270MS3ABtloZ-lD39JbW_itW5qwRbhct9hiTVyjPgyMP2xt9yr9utTjgavHLNxm0HMOUydUZTLUAFo2Jp5WEdbkBqvla100Sve09wEWDuYqojJsrLxL08-2wze1HnceezrDTfSmzIpgbfclxVg1-Aphb9mZEREnP2JcJqBfVSFq1__qtB_wkeggeCRoX7EpdZtpD8hWjJQ1NKKcoHMSs_LtX5YbtXs09sfad7s_plgaf0gYg5jduSitSHLhoQVB8uoeaXHMbP0QuOq4uoDgwEVnDu7H-G-W2ajGHMymBfW2QJyKGydMGT6uBMc576Njz1rmW-Z6y1z_t67qe9yr49tvdLCh4ORJbkwB_86hlDrhoeLrJ6RFMpJi8_TuNcDq0vsCxRTEL0Mjm9ePpWjptl3Gdd8duhgCt1RIsMOX0jmbHyMZikNgEtB8ApiMVMQFoPzQAnZB9OJen-aswRuk7ibVi37gvy9sfh8ldSR8gGLTDoy12vsGrFt_UOihiIeOfH8zaIDIyBC2fCCbEUeHTj2qY287urIxQNtGlDU1XOAKe2cR-KyQfarOd6LEvO2rR1tT3eLbBtvP1MYeH59dl0axCdGO7Zlpww5q9Ozh7Q8v4E9LmTXnpDSKTViK6FihRXvyKxGRJQKGGEhMQvRg3j3pGIOxC1yLAsMFk4DOLot0cDakXJ0nZxi8XGaIOsg32XKDxnCppQtH2fL0-v5oSnAt6GI4PIpfJGivcAXGOcEU_3_6zA2gQxK0rZJMW9qhGTesYp4mlc1prmIoRT9A8_gzggvjy5kUcx5zz5nwc-_-qoAg-3R3meWkU9vPLXre-BpzZ4DqcvTlKSBwB-vedlgFW4elKEiCBzzts7isWehfdFi7DVmiJx8z1DZEWZlQOEVlg8sb4rpLh9P3YJlgJDmb5vlET5cLdLIhCzaHQ6JZQc9FRLIzobl-oPnGdDi7frhOvB1Eashin4SNEua90Sjw1d7Zz2BbUhhFXIjibLfAyc_ECng3fjRd6c6tPitx6KBph6A05ENE5LzKvo4jx81KAJHzZ1-hNCDyoxQ-BD_vf6QDXN3MeuUSWMrPHid28jq-0LA-WM4z2wz_Dq6-1xLeefkOb6v5cgE7mbWe5kZ7zrht8awgBhT69MMUNstGypDfoUz1jdBydOv6QARWNRsUseVDNHg4Y3LO9obhE6n3ApPjBGVF4iHvZdUr3B0QoCrxEkJLkn3YOKSgsgSYOLNFulTyz7tTHzHaTk81Oi3KX7nTG-e5SESWySnokcRp8vwJt_d8kgzj5wYfDLJC4&cid=CAQSKQBpAlJWXrGABhSCX7eFlQRk8SVg8VIaoqiQlUlgkRgyUEk_efDkBfOkGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3383592892645226000&adk=1423868179&idt=592&cac=0&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:01:54 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
784 B 155ms
155ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689782473614&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1534&pt=-1816246199&tz=0&viewable=true&ddast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vG!ul139332-442_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 394498f935272797b1683f43bef6d876bdd4ee30870ca63b5888bb4df55d0aa8

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:13 GMT
content-encoding: gzip
server: nginx
machineid: 1447
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK s07ki4g6kdhg Show response
hal9000.redintelligence.net/zone/ Frame 0335 11 KB
4 KB 948ms
98ms Script
text/html 78.46.90.238

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/s07ki4g6kdhg?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCW9u6xQi4ZJbwC4jpgAeLvbu4Bp7ZlqFp-amh-9sP8C4QASDo7JeUAWDt_N2FrBvIAQmpAiWFeYNq0bI-qAMByAObBKoEjAJP0LMRicRgIL9rm4XWIwvQB0pmAxDqnwNRChsrLUaE_Sb8KAw8HezDG5C2pChg_Dtzd1W2hql8wZfyidisy3AiiQPzjcn1iHjfw5V9AmcyS7t3r_MfTWS2D3UBgKv9aJprvdAKB15WiW9_XSgtmSl6PyG1fD3vPzBMvplA2J16QvXKSekTfT-RdXbc_i2gdzskjKCyoiWfwSnkwRb2SxOxL4F7vTkej3GFIugb22BVvltxAmD1R2EBWQd9uaTowPkgmr6tg5-ORSNEaVTOXHfOiytRk944u06v08slFrPnplMxhmBTZEs42TiwaoLjEBnpzeCBNS1TIUKGuKxFLkASMnNQtguH7IGd5qPGwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWXrGABhSCX7eFlQRk8SVg8VIaoqiQlUlgkRgyUEk_efDkBfOkGAE%26sig%3DAOD64_3X_HoYE1TwntUsY_veYmVIlzBbxg%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-Cdk1Nc3bihJ3OlZ0Lgeg48Dv7pcBYDg1T_KLPd0z9A6uplq5ObtpxgvijyGe5vYjkEeUZ-fr8hKFl60QJeDAK9KeqiC35NQ-E9VG1GeFBwq1-8nI5nMyD-EgdkkAmsr_5IzJ0a-r6GStcWmWPRJuRKJbHqb9MYcDJ6dVO7rmwMZ37BwBI%26cry%3D1%26dbm_d%3DAKAmf-ABgkCjE7AkfSQqgi10CJd-7uZJVdIRDTWDMp-n1ckkH413t7t6aiAnG-JQdgYafTp2GnUZNhdIMQCALx9Prx7r7DlxDvtPVCJgkofE9DAyK78Zi8WPvDUxWiAAGTzyU1rNGWMP9iBLAUJFa7XumAKvLOQy7wi9QCSfe_uRX5HrZ4Q9ICpM67A6PhY1Jan7Ge0HBgiXjLKA1haNoTtow-K38NWYgMThi9VKecn6ziL9FakYCBiOwAHA3i0x7d40WXj9V4oTirEsVBiUbDtF6NDlA42J_3vYXAIArCE-pJUVAyn6Jd6tOV_sJF8iVbk1Gq3QcGqcUsEJzacVYmA_xtFimb5m_P-LnBmhTOaAUj3m4UvA67B2GUdxnWBhIkMHYgpMylIpXfCO0_Mgx2pV_lVM8NzPUecfutdkWA4OC4305sapml8ap6dri0gfQYWGQd6PmbJDSq27STqzknsL0-OR5stFO9ipaxYoIJP4du95USHCzRIJX1hfi6RwWtRbdUJPbX1NRlJ7zvpZNUAfwdrjdgRPIODauV7ORWuGRhSON9H77m_K6LIcR8PEViMKNnTX6obwOdLdxP81QFaDVZ1btf7SSQ%26adurl%3D
Requested by: Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 04c436e4b60e879b687b1a53503388488141a36e4fce2de47f539b0be642a10e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4136
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 341F 22 KB
8 KB 420ms
175ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 75212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 19:07:42 GMT
expires: Wed, 17 Jul 2024 19:07:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AE47 0
10 B 457ms
80ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?D8TJEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 2A71
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

98ms
97ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8103
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEsLiztg9GA01aQOhVoM5th%2BoT%2BGH2WFTFUFFv17ideJXNsvbpfOF7AYX8NzNbw6sP1a0W%2BBXnanoCXkQmLa21jZxIP29swxMIq8LJq%2FW%2FWOkxBduw%2FWFlLIUh9STfaFpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e942e9378f669fc-MAD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 688A 0
10 B 333ms
79ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6uO2kw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 341F 37 KB
14 KB 93ms
92ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 15:29:11 GMT

GET
H/1.1

200
OK

request.php Show response
hal900010.redintelligence.net/ Frame 0335
Redirect Chain

https://hal900010.redintelligence.net/request.php?zone=s07ki4g6kdhg&nw=20&renderingType=javascript&namespace=64be087530&subid=&uid=01ef37f4e610a07f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900010.redintelligence.net/request.php?zone=s07ki4g6kdhg&nw=20&renderingType=javascript&namespace=64be087530&subid=&uid=01ef37f4e610a07f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

682ms
484ms

Script
application/x-javascript

138.201.63.145

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request.php?zone=s07ki4g6kdhg&nw=20&renderingType=javascript&namespace=64be087530&subid=&uid=01ef37f4e610a07f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCW9u6xQi4ZJbwC4jpgAeLvbu4Bp7ZlqFp-amh-9sP8C4QASDo7JeUAWDt_N2FrBvIAQmpAiWFeYNq0bI-qAMByAObBKoEjAJP0LMRicRgIL9rm4XWIwvQB0pmAxDqnwNRChsrLUaE_Sb8KAw8HezDG5C2pChg_Dtzd1W2hql8wZfyidisy3AiiQPzjcn1iHjfw5V9AmcyS7t3r_MfTWS2D3UBgKv9aJprvdAKB15WiW9_XSgtmSl6PyG1fD3vPzBMvplA2J16QvXKSekTfT-RdXbc_i2gdzskjKCyoiWfwSnkwRb2SxOxL4F7vTkej3GFIugb22BVvltxAmD1R2EBWQd9uaTowPkgmr6tg5-ORSNEaVTOXHfOiytRk944u06v08slFrPnplMxhmBTZEs42TiwaoLjEBnpzeCBNS1TIUKGuKxFLkASMnNQtguH7IGd5qPGwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWXrGABhSCX7eFlQRk8SVg8VIaoqiQlUlgkRgyUEk_efDkBfOkGAE%26sig%3DAOD64_3X_HoYE1TwntUsY_veYmVIlzBbxg%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-Cdk1Nc3bihJ3OlZ0Lgeg48Dv7pcBYDg1T_KLPd0z9A6uplq5ObtpxgvijyGe5vYjkEeUZ-fr8hKFl60QJeDAK9KeqiC35NQ-E9VG1GeFBwq1-8nI5nMyD-EgdkkAmsr_5IzJ0a-r6GStcWmWPRJuRKJbHqb9MYcDJ6dVO7rmwMZ37BwBI%26cry%3D1%26dbm_d%3DAKAmf-ABgkCjE7AkfSQqgi10CJd-7uZJVdIRDTWDMp-n1ckkH413t7t6aiAnG-JQdgYafTp2GnUZNhdIMQCALx9Prx7r7DlxDvtPVCJgkofE9DAyK78Zi8WPvDUxWiAAGTzyU1rNGWMP9iBLAUJFa7XumAKvLOQy7wi9QCSfe_uRX5HrZ4Q9ICpM67A6PhY1Jan7Ge0HBgiXjLKA1haNoTtow-K38NWYgMThi9VKecn6ziL9FakYCBiOwAHA3i0x7d40WXj9V4oTirEsVBiUbDtF6NDlA42J_3vYXAIArCE-pJUVAyn6Jd6tOV_sJF8iVbk1Gq3QcGqcUsEJzacVYmA_xtFimb5m_P-LnBmhTOaAUj3m4UvA67B2GUdxnWBhIkMHYgpMylIpXfCO0_Mgx2pV_lVM8NzPUecfutdkWA4OC4305sapml8ap6dri0gfQYWGQd6PmbJDSq27STqzknsL0-OR5stFO9ipaxYoIJP4du95USHCzRIJX1hfi6RwWtRbdUJPbX1NRlJ7zvpZNUAfwdrjdgRPIODauV7ORWuGRhSON9H77m_K6LIcR8PEViMKNnTX6obwOdLdxP81QFaDVZ1btf7SSQ%26adurl%3D&documentReferer=https%3A%2F%2Fadx.holmesmind.com%2F&ancestorOrigins=https%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8469022945161&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol: HTTP/1.1
Server: 138.201.63.145 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: fd37edde04b08e2f501d1fc213e318e47738d15eb9c897346b00686643b74039

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 16:01:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 60781300093480204452098012390010
Connection: close
Content-Length: 331
Expires: Wed, 19 Jul 2023 17:01:15 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 16:01:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=s07ki4g6kdhg&nw=20&renderingType=javascript&namespace=64be087530&subid=&uid=01ef37f4e610a07f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCW9u6xQi4ZJbwC4jpgAeLvbu4Bp7ZlqFp-amh-9sP8C4QASDo7JeUAWDt_N2FrBvIAQmpAiWFeYNq0bI-qAMByAObBKoEjAJP0LMRicRgIL9rm4XWIwvQB0pmAxDqnwNRChsrLUaE_Sb8KAw8HezDG5C2pChg_Dtzd1W2hql8wZfyidisy3AiiQPzjcn1iHjfw5V9AmcyS7t3r_MfTWS2D3UBgKv9aJprvdAKB15WiW9_XSgtmSl6PyG1fD3vPzBMvplA2J16QvXKSekTfT-RdXbc_i2gdzskjKCyoiWfwSnkwRb2SxOxL4F7vTkej3GFIugb22BVvltxAmD1R2EBWQd9uaTowPkgmr6tg5-ORSNEaVTOXHfOiytRk944u06v08slFrPnplMxhmBTZEs42TiwaoLjEBnpzeCBNS1TIUKGuKxFLkASMnNQtguH7IGd5qPGwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWXrGABhSCX7eFlQRk8SVg8VIaoqiQlUlgkRgyUEk_efDkBfOkGAE%26sig%3DAOD64_3X_HoYE1TwntUsY_veYmVIlzBbxg%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-Cdk1Nc3bihJ3OlZ0Lgeg48Dv7pcBYDg1T_KLPd0z9A6uplq5ObtpxgvijyGe5vYjkEeUZ-fr8hKFl60QJeDAK9KeqiC35NQ-E9VG1GeFBwq1-8nI5nMyD-EgdkkAmsr_5IzJ0a-r6GStcWmWPRJuRKJbHqb9MYcDJ6dVO7rmwMZ37BwBI%26cry%3D1%26dbm_d%3DAKAmf-ABgkCjE7AkfSQqgi10CJd-7uZJVdIRDTWDMp-n1ckkH413t7t6aiAnG-JQdgYafTp2GnUZNhdIMQCALx9Prx7r7DlxDvtPVCJgkofE9DAyK78Zi8WPvDUxWiAAGTzyU1rNGWMP9iBLAUJFa7XumAKvLOQy7wi9QCSfe_uRX5HrZ4Q9ICpM67A6PhY1Jan7Ge0HBgiXjLKA1haNoTtow-K38NWYgMThi9VKecn6ziL9FakYCBiOwAHA3i0x7d40WXj9V4oTirEsVBiUbDtF6NDlA42J_3vYXAIArCE-pJUVAyn6Jd6tOV_sJF8iVbk1Gq3QcGqcUsEJzacVYmA_xtFimb5m_P-LnBmhTOaAUj3m4UvA67B2GUdxnWBhIkMHYgpMylIpXfCO0_Mgx2pV_lVM8NzPUecfutdkWA4OC4305sapml8ap6dri0gfQYWGQd6PmbJDSq27STqzknsL0-OR5stFO9ipaxYoIJP4du95USHCzRIJX1hfi6RwWtRbdUJPbX1NRlJ7zvpZNUAfwdrjdgRPIODauV7ORWuGRhSON9H77m_K6LIcR8PEViMKNnTX6obwOdLdxP81QFaDVZ1btf7SSQ%26adurl%3D&documentReferer=https%3A%2F%2Fadx.holmesmind.com%2F&ancestorOrigins=https%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8469022945161&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 19 Jul 2023 17:01:15 +0200

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 2A71 975 B
752 B 70ms
69ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11517
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtVfhe04PzyhMI4hFqoRCyMGmh1ILA%2FFo%2B6%2FKP8HjLPNHoEnKeL5lmaf7U5vhbKKKCK68OIDbaFZf1Li8%2FUADJB9e1Lws%2BrkqEPrxL%2FojmnxzxxAAarz6XYornkl92W9UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e942e948a6869fc-MAD

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 2A71 638 B
1 KB 728ms
237ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6919780127682593&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 16:01:15 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 1793f743-5435-358e-a9e5-4d51ccea85a6
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A71 0
0 564ms
168ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyG5nBcaoBAIXAOXKGT6wyakqjBbYX2_XBHlyELBZgk8tg4Zce0JomzcEnYXNPW6Eue1wl54jN9oMzJzpOtctYqb0May-pwUJ0FJmjF1t45l0U3X1qJKTErxuuM_NpDD52JLJPzKv7LcHLFFxv6pS9zrRHyJOpYpMNMkz2-2vhKkE8iGnGpohf7bFn91f5xJw90sv9DUHeSPkoHRdPQUaPMBUnQjYFTa9hlnH0wKQGGcRL48zhldaC59M_waIpHft2gbWINef3zQaARXs-BhlTkXJIg-wT9ZfllblocPXaDxC9h5LEWTDK2y6l__0Saic-19D7_3U0IG8ZQjhrJA&sai=AMfl-YSlacIfWmmgg3jL5GMmgRLWJ-2r3BLnBOXVVIFelNFhePrJKnafGeBth60XBeqfKfBxqTCXDDNO2Z_f9ZSB6zG0R1bbO1gsiLCbNw&sig=Cg0ArKJSzDMtGU4fCiHvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Jul 2023 16:01:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1377 0
0 181ms
131ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307120101&jk=3063048848578592&bg=!GBulG0_NAAa3SiIRl0o7ADkAdvg8WkxCw9WiWvi11upbyaAVpEE-J6IhqQeqTp-q7OOxKKdWkLEyvoAz-NDbvwdIcTvHvK9tT8gCAAAHslIAAAGBaAEHmQL-UIasLT9bF5z2hZNGTrcRIAt4jMQEJIBGoeOfpGSxdlhm5zNn6OM52Wgmj9RJCM_hBbS_y42K0wgE0Re8IfLjTa2qEQP-_uxttaqvs9DCRw-I1usYx3S9rfynXPVwVgqc4sJP2PxKQBBYSOXsfJlPIa_XC4Ql7RMXKHOHmvOakc0vZ988oT_wYAbybGWFQYgbVEn8-RjI1MMy29D_bnLZBCvBqLQAAhpGB0qKDoqZNkbND69ll-yH1dt9nRj7724KQoA81ofjaNcl6ZOd5GJDfiUeVsBD_rFYSoOm1FUu-RSewzfSS339J3Ln2mRQ5UfyrRiwsBHkDS-OimhnWlIZUQjYUWga5C6kCEsI6mTS2hwLkNJTChw-8FgK_D6vfyK5XGGyHOa2uc3Q2_jVS90pleXMJxJ_RV4f7H3lCSn9Nd579g1kbR4IONLcI-EPbl1Ts3IIV2MskPT89m6ZwyfiOtkqDYqcuvDvWY5vnOKs2HX3Cw9bUeS7gy9NEtCiHPbczl96ZjQgR4mS8gM-yEWIaG6Io2LoQuZIf4boOadPJ_c3PKc3zuk1VP1hRND22qFpVUXhJji0w90QddDVdop7h6LvmljYoMhboI6yRINQHSWURpstKETPlknIjtsCcnlwyMkAG438IohOeQmBxCy7AfVU22J3quBSIvDAWYWXs1QQWGCIhDm7hmeb7LCjPI5S4whDCuGZET4ZlP2pBNRsuHzA-RCy4M--Q9E1WoHzEXuKBDyuIQ-zhn7YIxQ6XOwN06GdRPtOE6ODAsrXVn6H_3C3AuBYYF7xYn9VsZ2dyuCp6puH1KRVYKTkh8IgfDf9KLaqot5l4X-rCazlVq2Qgl_iQKHGDErKLWcMZv6g1L4RR3TOeEo-EIixoyBD5VmR0iUicNf36Q15sSJGnkX482oJXF_FP15K-lX4dEKZ4E1OZ1P7pi66SKH1SnqDJCLoxvTFAnQN6VfH5vosBnTzmszFZP-h2xsj4oQsin9lZPQZ5a-h5zqn0QpXWHg35w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 28AF 143 KB
49 KB 152ms
148ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

3c4bcb979c513d255a7a006032a757a8797680b67b630e0a672611748635e266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50421
x-xss-protection: 0
server: cafe
etag: 8623316682486346488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A46E 0
0 143ms
141ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307130101&jk=1809158555740170&bg=!gYKlgtbNAAa3SiIRl0o7ADkAdvg8WiiV9fNCc2p4j5j3QX7b3ZQnQa5F_BpBQx1WZVHNkAEXhe-WJSzyR1wM3KGeCAYZH3u4Sw8CAAAHrVIAAAC3aAEHCgCb01cOPZP3N-h1KOyq8nuTlap-CD1VdQIr_enEOCbiorEY3LMro-9Op9JasBxC606Uc6OY6jrOiltzmnyOUJiEyt_1IFYB1gZVqFwgCc_ENWqEFVsISkZq8rBIXRQbXNmVHaGOET4eS6rWfZXS0axts3KNu2eVuODa4ur4h-YkDHdaa9ofrXzzZr1eqBUz0e7NrL2O7YeeVofPRReZAud40vHTMwQWC1sbLvO7tZYojydnmlJRlW3zV_aHc1EyLVb5zxQrt1XJQ1u7dTLbA-sXjECh9vKX6DczdwlT3may_WV1k_P4Ba2sGoS3dw453rf7kB1Glgaip1b-pK-vQ1ZHS3xI4gQM6qtpiyw_Un8Coc4Jvox7jieQqc2dJ_UpR4IFbiQBEZs5bnHxjRtIMg_LdIrmXXLg2hVySMlkKF_VJ49Hj-ygKQYRDsPPCetlCJQG2iltqECdk6KBOL-8CBwG5HLiy_8ezC1LbGHpGfcn3hICluzkF0Jm_8g7BhGJmWUfx38RdB6IUsjt2z5W2GwasZLh0JB7iIEv3effe906JWOdh9se7hfVlK2YSKMGVOhRIB5JNhI0uFRcPj8zn38rmnTqigXY6lXuJDaymNqcwuXEhGpzhNRkihTJJBYEzHpJ-cWON8jM12f03ZyAlYg8ehvHXpT8hZO33ymbtceVLu_IyJW-LPTkfmcsgWoMpHUL9FQ3D8o7Y6S3bAXdLqzpiL0IaTCQxoXoqru7X88qg9g8RkhUEpKj0cQ3ycfcn5TfZRarkcNbOfK6kf11Cb1bH5tN-14-gvKL8K4K0zKptNAIFLfj7ijFIveupIdeglK0JIh2AeQuQhRtSOXmsv7_gMbYwp-CB0sbw2AXnwrPWN7zuYzI9b-S5srf_jxfkJZ5yj9wnxIZkeInrNv--oBY6dlqLHgxBm5Ro8x-cGH7-U6SK4bwM9Cx87PWbotkAz8iBeYEoWd75h46MOPdTO9MnoGKM6pqOa-mqlQdmiUqVqZwnjcRL_603c-69THmXPeNisbmFSBlCltpKMB2JnChPfBvJ8sXN4X_atku8pctMWlfb_x4uFplNP8DSZ-aGbBJg5ITTQpSpQXrfHj8MFzseX3HxF6Lf2VdGf1xiMeyJRp6i0OCSNOdspd4GLiTGNjv2WrdF7kko8schMbgvY64I4HaDAevNekHT5jQwZ1TRI09vcTl4w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A71 42 B
64 B 161ms
115ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqnFwoLeGYsPGLhFV69zBt6wC4Cd4soo1U2CP6hcjk3tBDUx1e9_awJuK502HRwVph4Yccx-LNII7a0uOwU7LfhPGILJikkDnbu4YMm62t6CjOR8-V&sig=Cg0ArKJSzMV99XwHcJr3EAE&id=lidar2&mcvt=1057&p=0,0,250,300&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1911528252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689782469239&rpt=5790&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
785 B 196ms
195ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689782476409&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1534&pt=-1816246199&tz=0&viewable=true&ddast=V8x58CLAaIbak7Tc0dXxIQ21J3mpo7viwAAABgYID-AIl4bMONaTRaq2zD1Vo0nPnWyt1gt1bMdjOLyTGbGEcTIyARj224MY1Ga5VtuFqLhjPfWrkb7NaK2W5mMTlmE-NoYgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAKocCsTx8Dn8AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAAAAaIit0dXu5Y6oLZGC5yKMAAAAAGzpw-8cmaQTVCyq_P__91sBuAIAEJDoJn4SnEV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEImPXFpgg0eudT8AgIArPkFBABgo24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpDZuEyb2chh2mw2volts3F5VsvVbuJyzSyjiXHkPRki1LMFH-rjfTaEZfb7DgrK6ekxuwwylstkEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32RwCXAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGDEsrI5NzaXWzTz7dailcuzFm5WlrVqMTKMJi6Xa7eyrEWvj-licQxXnpUXCQb07UXytEgnks1g43HtNoPJyrlcWDYjl2_i2BhXHtNst3GYnBOxRHOySCeyy76zcZk2s5HDtNlsfBPbZuPyrJar3cTlmllGE-PIX7GsbM6NzeUWzXy7tWjl8qyFm5VlrVqMDKOJy-XarSxr0etjulgcw5Vn5W_MhsvdcDKaTfaN2XC5G05Gs8m-Q2f4rj5no7Ksknx06p1paPnanAaFy2DxPr8XaWhntBltuqvEohpmy52JVej3-_1-v9_v9_u9G7PBYzAYZh7tNjF2-TWbn_Ko8R4MilgiuEgngofZ7TC93BKfZ-O3iCVK00U60Sv8yqdb-LS75Q67W_F0vQVPu8-tc_3dUqfd59Y5_G6l4ei3u5x_u88tcdjdIoffLXq6NUanW-q0uxVPt8bociuebuXLLXW6RU-31OmwuzVGh90uNL3NFrFEcLpIJ6KX8XRR_1FDLuaS1WAuGQ3mquUqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBGAzcf_____jAAAAyMihBwAAQL8PKGq70AM3ip1fQQyGw8n-AagQa7Va3W6s1WoB!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl139957-112b_vC!tbt_unit!ufm_vG!ul139332-442_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c5a4caa084e7fd9e1b25d7923cc10c8b7410898f2e6a4b8736cba167b7855ecc

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 16:01:16 GMT
content-encoding: gzip
server: nginx
machineid: 1441
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php
hal900010.redintelligence.net/ Frame 9159 4 KB
2 KB 615ms
207ms Document
text/html 138.201.63.145

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request_content.php?s=60781300093480204452098012390010&a=516e3626
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=s07ki4g6kdhg&nw=20&renderingType=javascript&namespace=64be087530&subid=&uid=01ef37f4e610a07f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCW9u6xQi4ZJbwC4jpgAeLvbu4Bp7ZlqFp-amh-9sP8C4QASDo7JeUAWDt_N2FrBvIAQmpAiWFeYNq0bI-qAMByAObBKoEjAJP0LMRicRgIL9rm4XWIwvQB0pmAxDqnwNRChsrLUaE_Sb8KAw8HezDG5C2pChg_Dtzd1W2hql8wZfyidisy3AiiQPzjcn1iHjfw5V9AmcyS7t3r_MfTWS2D3UBgKv9aJprvdAKB15WiW9_XSgtmSl6PyG1fD3vPzBMvplA2J16QvXKSekTfT-RdXbc_i2gdzskjKCyoiWfwSnkwRb2SxOxL4F7vTkej3GFIugb22BVvltxAmD1R2EBWQd9uaTowPkgmr6tg5-ORSNEaVTOXHfOiytRk944u06v08slFrPnplMxhmBTZEs42TiwaoLjEBnpzeCBNS1TIUKGuKxFLkASMnNQtguH7IGd5qPGwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWXrGABhSCX7eFlQRk8SVg8VIaoqiQlUlgkRgyUEk_efDkBfOkGAE%26sig%3DAOD64_3X_HoYE1TwntUsY_veYmVIlzBbxg%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-Cdk1Nc3bihJ3OlZ0Lgeg48Dv7pcBYDg1T_KLPd0z9A6uplq5ObtpxgvijyGe5vYjkEeUZ-fr8hKFl60QJeDAK9KeqiC35NQ-E9VG1GeFBwq1-8nI5nMyD-EgdkkAmsr_5IzJ0a-r6GStcWmWPRJuRKJbHqb9MYcDJ6dVO7rmwMZ37BwBI%26cry%3D1%26dbm_d%3DAKAmf-ABgkCjE7AkfSQqgi10CJd-7uZJVdIRDTWDMp-n1ckkH413t7t6aiAnG-JQdgYafTp2GnUZNhdIMQCALx9Prx7r7DlxDvtPVCJgkofE9DAyK78Zi8WPvDUxWiAAGTzyU1rNGWMP9iBLAUJFa7XumAKvLOQy7wi9QCSfe_uRX5HrZ4Q9ICpM67A6PhY1Jan7Ge0HBgiXjLKA1haNoTtow-K38NWYgMThi9VKecn6ziL9FakYCBiOwAHA3i0x7d40WXj9V4oTirEsVBiUbDtF6NDlA42J_3vYXAIArCE-pJUVAyn6Jd6tOV_sJF8iVbk1Gq3QcGqcUsEJzacVYmA_xtFimb5m_P-LnBmhTOaAUj3m4UvA67B2GUdxnWBhIkMHYgpMylIpXfCO0_Mgx2pV_lVM8NzPUecfutdkWA4OC4305sapml8ap6dri0gfQYWGQd6PmbJDSq27STqzknsL0-OR5stFO9ipaxYoIJP4du95USHCzRIJX1hfi6RwWtRbdUJPbX1NRlJ7zvpZNUAfwdrjdgRPIODauV7ORWuGRhSON9H77m_K6LIcR8PEViMKNnTX6obwOdLdxP81QFaDVZ1btf7SSQ%26adurl%3D&documentReferer=https%3A%2F%2Fadx.holmesmind.com%2F&ancestorOrigins=https%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fadx.holmesmind.com%2Chttps%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=8469022945161&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1503
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Jul 2023 16:01:16 GMT
Expires: Wed, 19 Jul 2023 17:01:16 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8A73 1 KB
643 B 423ms
107ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
URL: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 14222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 12:04:14 GMT
etag: 48472445140208031
expires: Thu, 20 Jul 2023 12:04:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/ Frame 28AF 360 KB
123 KB 681ms
600ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126173
x-xss-protection: 0
server: cafe
etag: 2883847007160281345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 16:01:16 GMT

GET
H3 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/ Frame ACDE 10 KB
4 KB 546ms
544ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 2688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 15:16:28 GMT
etag: 12368291122986407432
expires: Wed, 02 Aug 2023 15:16:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0335 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7ae2a8a52cc97ff6c2c9a9404bb11d261691249c1090606d6274ffc33af649a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 9159 0
0

GET viewability
hal900010.redintelligence.net/ Frame 9159 0
0

GET
DATA 200
OK truncated
/ Frame 9159 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET ping_match.gif
pm.w55c.net/ Frame 8A73 0
0

GET gp_match
um.simpli.fi/ Frame 8A73 0
0

GET adx
pr-bh.ybp.yahoo.com/sync/ Frame 8A73 0
0

GET /
c1.adform.net/serving/cookie/match/ Frame 8A73 0
0

GET attr
cm.g.doubleclick.net/pixel/ Frame 8A73 0
0

GET integrator.js
adservice.google.com/adsid/ Frame 28AF 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame BEA8 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ Frame 28AF 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 24E7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/71440a77910953191382b5fa5995f92b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202102/1f043f86396e0d680eba6a0858eb499d.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/3bdb32d7793e92de863373165637cab4.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/d5c7743f4909d1ce1d2df7e9c8717c33.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202104/246610a89b3f1c0ca05451f1d5e20a23.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202304/e2c59472918b190b377147acf3b305c5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/12c82b62a54e2e51a51535bf00595a87.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202108/216b105154408ab9302b9662cc838635.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c9cb084f4c6da94c272ccc0650d46d5b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202110/f329f87cf9132ecaadf1f4402dec62f5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/8eb3c34b995db0ef3d5fd13586effce3.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/10d43237619888e1867e4734d2a8287f.jpg?w=150&h=100&q=100

Domain: cdn.contentspread.net
URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-300x250.gif

Domain: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/viewability?s=60781300093480204452098012390010&a=f731c963&vb=m

Domain: pm.w55c.net
URL: https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBs7AjvXfUN3DKCC1I0b178&google_cver=1&google_push=AaAOQGFFPDWt-hA4ARFsL8QbQ0WOZDeQInlY7A8AWeth5anRp9r5wk9oI1vjhI1GcAsYm1J0Ej0dsAoHiS0uyqZduet6jMdcTWtU

Domain: um.simpli.fi
URL: https://um.simpli.fi/gp_match?google_gid=CAESEDpKsluLzXOFkwbk5ml6J44&google_cver=1&google_push=AaAOQGFlRkimvbXo_tTaPS80TgKiXr_43WRhmuOybbHUXbvMmc3xUwLeNXKdOJp3KSEnzRCsBa8mM2mDr4bL0ietrS2jWMwdYbO74g

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJo2-lRfvQramb6ASZ7e5a8&google_cver=1&google_push=AaAOQGF3uMkoAKt92PHVdH6oDayujjIpvshHA14hJGEr8mlc7rOqVO6aIqK8eyknQOLqTf81V3BpumWN8ATqYk8wStiihCCM5BAARA

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCCqI-oFxnL0HLjU48f2sA&google_cver=1&google_push=AaAOQGGOHISnaLrCA-hCjqMOndsp-vl2hhHAbuxKs_ZmN-tdasHi5QNqOrpG5qDq84Eaj14znX_UraLmptJaUAW4s-d-4l3KyURLfA

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvOr4dzhDslORi0iL0pPGMseRFoaULXn6wL0agKmGqejlvoLbE

Domain: adservice.google.com
URL: https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782693&lmt=1689782478&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689782476803&bpp=11&bdt=1848&idt=1179&shv=r20230718&mjsv=m202307130102&ptt=9&saldr=aa&nras=1&correlator=2699358671795&frm=8&ife=4&pv=2&ga_vid=529658434.1689782478&ga_sid=1689782478&ga_hid=1055743509&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3709938080&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44788442&oid=2&pvsid=4467480504660890&tmod=1963056738&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.u64m9axkcnc6&fsb=1&dtd=1239

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230718&st=env

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771307&pi=t.ma~as.9099904862&w=300&lmt=1689782478&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689782476803&bpp=5&bdt=1848&idt=1190&shv=r20230718&mjsv=m202307130102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2699358671795&frm=8&ife=4&pv=1&ga_vid=529658434.1689782478&ga_sid=1689782478&ga_hid=1055743509&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3709938080&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44788442&oid=2&pvsid=4467480504660890&tmod=1963056738&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.eajfgwic9hcy&fsb=1&dtd=1348

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aralego.com/	1970-01-20 22:08:38	Name: sspid Value: 1793f743-5435-358e-a9e5-4d51ccea85a6
www.bg3.co/	1970-01-20 22:08:38	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Db2ef9cfe-4f77-4ee3-83e2-51d04bee57e2-tuctbb18e3e
.aralego.com/	1970-01-20 22:08:38	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:08:38	Name: gdpr Value: 1
.www.bg3.co/	1970-01-20 14:06:14	Name: _im_vid Value: 01H5QE4C8QWYVXDT6R9SQYEQH5
.quantserve.com/	1970-01-20 22:53:16	Name: mc Value: 64b808c0-ea178-7d075-36c91
.doubleclick.net/	1970-01-20 22:44:38	Name: IDE Value: AHWqTUlusO_GbEiZVthWnveNCHFWxPFituzwxzfmEkAZUOdoUKDkk7Mh2eCUbZEcz7Y
.bg3.co/	1970-01-20 22:47:31	Name: __qca Value: P0-36126550-1689782464304
.bg3.co/	1970-01-20 22:44:38	Name: __gads Value: ID=def190d0e7306063-22025b55b0e700f8:T=1689782465:RT=1689782465:S=ALNI_Ma0tamo9yOVSC08aSVJiDu84YFB9g
.bg3.co/	1970-01-20 22:44:38	Name: __gpi Value: UID=00000c40121f136f:T=1689782465:RT=1689782465:S=ALNI_MbHsq5A11Fl9pjJEMwN91XRr5dQsw
.bg3.co/	1970-01-20 22:59:02	Name: _ga Value: GA1.1.307186879.1689782466
.bg3.co/	1970-01-20 22:59:02	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1689782465.1.0.1689782465.0.0.0

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202107/12c82b62a54e2e51a51535bf00595a87.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202102/1f043f86396e0d680eba6a0858eb499d.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/71440a77910953191382b5fa5995f92b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/3bdb32d7793e92de863373165637cab4.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/d5c7743f4909d1ce1d2df7e9c8717c33.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202304/e2c59472918b190b377147acf3b305c5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202104/246610a89b3f1c0ca05451f1d5e20a23.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202110/f329f87cf9132ecaadf1f4402dec62f5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/c9cb084f4c6da94c272ccc0650d46d5b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/8eb3c34b995db0ef3d5fd13586effce3.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/10d43237619888e1867e4734d2a8287f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202108/216b105154408ab9302b9662cc838635.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EveWkteGluLW5hbi1xaXUtcGluZy1ndW8tamluZy1nYW8taXBob25leW9uZy1iYW4tZGFvLXRpLWNoaS1qaW4tcWktY2hlLXFpLXllLWppLXRpLWppYW4tY2hhbi5odG1s.json Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.bg3.co/a/yi-xin-nan-qiu-ping-guo-jing-gao-iphoneyong-ban-dao-ti-chi-jin-qi-che-qi-ye-ji-ti-jian-chan.html Message: The resource https://d-24802988192338826907.ampproject.net/2307052224000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55e02c381a10dba6b2cdc4dc067dd5ef.safeframe.googlesyndication.com
98cd7532ad41db1a17570566097a5e7c.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
c1.adform.net
c530924f8cfb7cf1da69d007a66b5bc0.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
d-24802988192338826907.ampproject.net
d5a2c326afcbf4d7a347c4ab63ac06e0.safeframe.googlesyndication.com
delivery.adrecover.com
dmp.im-apps.net
dsum-sec.casalemedia.com
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
http-intake.logs.datadoghq.com
ib.adnxs.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-apac.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rules.quantcount.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
um.simpli.fi
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
adservice.google.com
c1.adform.net
cdn.contentspread.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
hal900010.redintelligence.net
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
static.bg3.co
um.simpli.fi
103.231.174.251
104.26.4.103
138.201.63.145
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.162
142.250.185.225
142.250.185.226
142.250.185.97
142.250.186.130
142.250.186.138
142.250.186.161
142.250.186.164
142.250.186.168
142.250.186.66
142.250.186.99
142.250.74.194
151.101.1.44
151.101.129.44
162.210.196.208
172.217.16.206
172.217.18.2
172.217.23.110
172.64.136.31
178.250.7.13
18.156.56.38
18.244.140.4
185.106.33.48
185.80.39.216
185.89.210.101
188.125.72.139
192.96.203.13
2.16.110.91
2.16.202.113
2.16.202.84
216.239.32.36
23.2.229.193
23.97.225.52
3.233.144.250
34.120.96.193
35.186.215.140
35.71.131.137
52.196.246.135
54.178.5.175
54.76.240.16
64.233.167.156
69.16.175.42
69.173.144.139
69.173.158.64
78.46.90.238
87.248.100.136
87.248.119.252
91.228.74.200
95.101.149.233
99.84.9.128
99.86.91.52
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04c436e4b60e879b687b1a53503388488141a36e4fce2de47f539b0be642a10e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba09039ddead4e5786e8ac622b4429213a762d0ae478c53e593f1f5ded1b035
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0dfb3a1cd1ae98125608a88b62fd25de595d1d216c3df750c746100b58f316e8
10a9e672670b5e8aade1c6d96f3b1797e77252554e9eb9c69b1ff0f95d4d980a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
16a1065364573f82a8ad5603507b626c3873cacd744a86af58a7536135fdee92
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a53a6535b3c2dfee2f658d857fc9f300cfbec47c664284f73993aec851f102d
1b771e6b9392f5a4e0d3ec1f63f18c0d7d93e798db9e1b7772ae64d665deafe5
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
2164f8d242b2ffe4538a70bf6679aa6fe96e7425bf78e7929efa35123772ef34
234216924c0da0aa0ef02f54554b1bd764d6fc87deceed8534867a95ef009a04
24f689ac875399206e6ba940a48263c237849d3e2b881e6aa64741a23719d57f
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2764ac86322bc32fd74ca3e7a00cffe2667842f3fa343ad67c5ab07f45b110f3
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b379b0e54fc668b3f7d81915000ec5eb2986a9e20f4ea08d2d223c570dd9ae0
2b8181c086e95295406dfbef5c3ea6b5fdcbd28b3afca5255002e00504f082ee
2ff10d3eaa13e3b0873e5041ae9124f09d97de01462981b41a041155b27c331d
3008c20a8b77f0d280a3b0cd561406c22e3ddc022cf1358c39573478234b9dab
30175c6c1f76870c3e343151c0d5835f5be4b5ded974e9e10877f727b8ba880d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6
394498f935272797b1683f43bef6d876bdd4ee30870ca63b5888bb4df55d0aa8
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3c4bcb979c513d255a7a006032a757a8797680b67b630e0a672611748635e266
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
47f4cf7f236c8370d0dfcba6878553103d55fe04d85f8c5373e39cc54131c544
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a0fd5c25fd71bedecd2a570f942316c1a99a2deceba75ae93e7f8fc34c537c5
4aa9839f8981074ca540d313097d5b2ee4d78fd868a38db0f09743a62e74334a
4ae2a06a20497b4f5d370f5f9953a35ae67c35e24d4723d7d156b90ce5769da7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4c72a836b84a634d453a61083ef8ab26c4558ba4b310fdb4df1e86ddef6b2fbd
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5095982c74e1e03bb8a67d116fcf087a93eb29db64f267af5df517e85e81665e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5584db8771fd9d24aeb0c3887b9c6922a72c73e6af5382d594003e3cf1315bb4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5855c356545e0069676c38171001be0d0567d699fbd342f566a4728dffc8bd1f
5962135eb2e88f4889b9bf417b0ecebfee05ca1ed67211649ccf9f65a3d34d12
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9
5f59a3c29654bc266fbde5f87601b4e22800a57afa5b6034eea33f4587149d74
5fc11602bc8c4cab5fccf0f92a98169ebe32c5aadef9a8ac84346038c2b30c59
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
63a967b93b2109c0f1dcca44b33372c903a5c9e89078c77dbe63201f2e25f064
6692d8a5a14b43ea79f4f2c831f0efacf19cdc9915516dc0a4d883457ce89cb4
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
66ec8abef5b59107998b1be7d9008c51e08b56ea63cddbe16237ede2688cdd4f
6720a8b9dff0cfe88809cd4c04328b41305ea9de264b515764f486e2d1671666
697a485d98d08e27bff197276460857929881b7ce97704e5ca58da9c244113b1
69e7ef7bf21b8978549bee2ca99e1f20f97141eba85928ba813a329af10883a7
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a221a12ef507637709c73f21371ba1fe99e9c4f4e6847a694b05369bbba05f7
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a
6a97285f998373434582c47f5ee057d9bbb7dafcaa741b2d4d4b91a6caa3f498
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d6bb06ce3e45c28c4426af478044d83e437468d495c8899e8e0111feac780d4
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7e16ab72c55ab607a4c9333739d57e950fa60ccaa290d4272dd882b0e3ba2496
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
801a26d10ff811cef0a29d2aa1367e292476c3b12f32417203c8693ad0fb51fa
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88c612d8c3d7bb0c50f1d5e4df587468432c27ddc8444fd25bce4aea1d47ed58
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8efc297e293c1b29c226460f48308b828561ad749671ab54f32b670dad6f4f3c
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
940d723a79126a47d747c9ade7b14dc973b21436c81f1f4069c6032cff9d7cf9
9518f45748b88a1cff7606c6e823874b64a194c2bc543b2d7718154ec83d9d9d
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9a9d73ce920bd66cb47f6ecef66da58545b488315f7d58a66af5db94d97976cb
9dcf8abf06f74792caf9b0eb75556568165e119a2273611136f0436d652cdc45
9f529175b3d44528280680ae6e24e3292d226685d09c8818b77984886b7b20e3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3b942f786a760a586e62b91aeb9f9e661c28295b107c215c1b3a69e2a4bb33b
a41774bf268539b9165810616fd75ddb0d2fa06b8c682c59e21492261716de8c
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d3524cbd38b9e98fc312d3aa6db8ee6cc873ba13332dab5bf8fa68033f347a
b462849d850e886e2eb136c0b482df55cb79a2879475ed21cf7e41a048608a31
b6254a4a16a3e6d4818042ae58d978e69b6bd8cd6a856b028c0eaec63a83b7de
b751c7ef24b8a91a3ed44c775ad011332e5b399eb0faa4a3da5b15fa99e70ef4
b99de2e4c121d06c1569852abd5e4bdaf0fcb229411b60ae9e672d0fbe0a7797
ba60ed020a43b48e0397544684cd41dd7d804657f6c94dc50ce11dbd561596d5
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bca22b8906a0fcf316d42d0a0e41aa2291afce21ba6c8e41b7c5e6e6da0d480c
bea31d82a530e0029178c357c553cf13aba4df2fd7390900d27eb77975740d02
beaeb78998c1dd59f4bd1c30f745b1af56a01cfa3b3db189e11d8a9570565aaa
c2a3650b9de1cd9cf945a29775f7f5f0d270904b6aa343ff992190ed68c00666
c2b03ba1d05fe5191f1720572c7f850e106cd3d2131493fe4a0e4b9309e0688d
c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288
c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628
c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc
c5a4caa084e7fd9e1b25d7923cc10c8b7410898f2e6a4b8736cba167b7855ecc
c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed
c8f1724bd314bb1545a4155a2a52edcf6bedd5717cf18fde816f9979e8fc8abb
ca87c1a6f4b1ace45c0aac7ceb72ad2e285c049ad2b199b318a40fc12989e992
cef6b560c2fb527308070ac08f2a617db883ce90b948d45f0552fac3eaea23b4
cf90fafe87467629de54d30ad2a7aa91d751f4aa2e734d20c0f4d5211455fcba
d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c
d4e731f5d6d507fbb5e3180e52639c0c2c0e4383add81f0e783412cec93d3ed3
d6d43e5d989d40ebd2f7648df5948e338694b137f796e80329b371c04aad55f9
d6ec1b666dcaf152bf6be9b9ecd449147fefc2416bfca8fbd3e4167974b4efd4
d9ceebf892c9a6b44db2158869110bb36e2ea529b4630fac1003e0626996db10
ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e1a56d876538cdf66ae578f226857855caa19e371e0f4eb0cadee535206f5fe5
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eb38d031b47f52c6c5aaa712162a81302848b23e5d6389dcc55b7e54e8dbe600
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee9a2ba825b6f1b0a3c24445ab2e03fc894c7c720039687fbc73b36dcbf32907
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f005cb5c191ad3eb25229e0221f5bee535f2e5335f586803f00266dbfe95477f
f048254b75126d392108582e99fa0999a18d58cbaf2cd0109805422b389c7b32
f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7ae2a8a52cc97ff6c2c9a9404bb11d261691249c1090606d6274ffc33af649a
f92d81070dbf9869e1dd41303ab810277ce0ee3df9b36f2232e66f618548fecc
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd37edde04b08e2f501d1fc213e318e47738d15eb9c897346b00686643b74039
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffafe3e4f891400194ce6d0e4b5d39b71559376a4e247df68d856ee8b8ffda7d

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

295 Requests

89 %HTTPS

0 %IPv6

39 Domains

77 Subdomains

57 IPs

10 Countries

3735 kBTransfer

11241 kBSize

12 Cookies

16 Outgoing links

Redirected requests

295 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

295
Requests

89 %
HTTPS

0 %
IPv6

39
Domains

77
Subdomains

57
IPs

10
Countries

3735 kB
Transfer

11241 kB
Size

12
Cookies

295 HTTP transactions
4 data transactions