www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qia...
Submission: On July 29 via manual (July 29th 2023, 11:30:19 pm UTC) from US — Scanned from PT

Summary HTTP 308 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 59 IPs in 12 countries across 50 domains to perform 308 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
5 11	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	104.26.5.103 104.26.5.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.50.131.209 23.50.131.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.50.131.214 23.50.131.214	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
40	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	52.199.103.74 52.199.103.74	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
31	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	3.233.145.141 3.233.145.141	14618 (AMAZON-AES) (AMAZON-AES)
18	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
5	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
2	91.228.74.244 91.228.74.244	16509 (AMAZON-02) (AMAZON-02)
2	23.53.42.112 23.53.42.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.45 108.138.7.45	16509 (AMAZON-02) (AMAZON-02)
1	172.64.103.25 172.64.103.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
1	18.66.97.81 18.66.97.81	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	142.250.13.157 142.250.13.157	15169 (GOOGLE) (GOOGLE)
3 3	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
10	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	54.199.134.236 54.199.134.236	16509 (AMAZON-02) (AMAZON-02)
4	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
15	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
18	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
3 8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	18.66.97.113 18.66.97.113	16509 (AMAZON-02) (AMAZON-02)
10 16	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
6	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2 21	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
7 7	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 5	108.128.190.51 108.128.190.51	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	54.239.33.158 54.239.33.158	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
4 6	52.58.132.185 52.58.132.185	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	124.146.215.44 124.146.215.44	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	18.197.15.79 18.197.15.79	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	216.52.2.6 216.52.2.6	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2 2	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.122.169.238 3.122.169.238	16509 (AMAZON-02) (AMAZON-02)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	54.160.99.180 54.160.99.180	14618 (AMAZON-AES) (AMAZON-AES)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	142.250.186.66 142.250.186.66	() ()
2	87.248.119.251 87.248.119.251	() ()
2	87.248.100.136 87.248.100.136	() ()
2	188.125.72.139 188.125.72.139	() ()
308	59

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.96.203.13 (Manassas, United States) 5 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.131.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-209.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.50.131.214 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-214.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.199.103.74 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-103-74.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.145.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-141.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

d-23735339143651018048.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.42.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-112.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-45.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.103.25 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-81.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.13.157 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.211.47 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.199.134.236 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-134-236.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

295e51018300fa3da16dafc5b6a6edba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ff79fbda86b111605e3f6776537a8c6a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6da7e18721c361a2915ecf1a0cdeb778.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7c7443aac031e0bdebfcfa030d93c860.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-113.fra56.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 69.173.144.165 (Frankfurt am Main, Germany) 10 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 15.197.193.217 (Seattle, United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.128.190.51 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-190-51.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.33.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.58.132.185 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-132-185.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.44 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.15.79 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-15-79.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.6 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.207.25 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.169.238 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-169-238.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.99.180 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-99-180.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (South Africa)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.251 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.136 (None, )

ASN- ()

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.72.139 (None, )

ASN- ()

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 861 trc.taboola.com — Cisco Umbrella Rank: 616 vidstat.taboola.com — Cisco Umbrella Rank: 2544 il-trc-events.taboola.com — Cisco Umbrella Rank: 18940 images.taboola.com — Cisco Umbrella Rank: 1756 imprammp.taboola.com — Cisco Umbrella Rank: 13588 am-match.taboola.com — Cisco Umbrella Rank: 13614 wf.taboola.com — Cisco Umbrella Rank: 2645 am-vid-events.taboola.com — Cisco Umbrella Rank: 12767 sync.taboola.com — Cisco Umbrella Rank: 1093 vidstatb.taboola.com — Cisco Umbrella Rank: 4741 sync-t1.taboola.com — Cisco Umbrella Rank: 1328 match.taboola.com — Cisco Umbrella Rank: 5811 pips.taboola.com — Cisco Umbrella Rank: 1537 cds.taboola.com — Cisco Umbrella Rank: 1770 am-wf.taboola.com	1 MB
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 295e51018300fa3da16dafc5b6a6edba.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 ff79fbda86b111605e3f6776537a8c6a.safeframe.googlesyndication.com 6da7e18721c361a2915ecf1a0cdeb778.safeframe.googlesyndication.com 7c7443aac031e0bdebfcfa030d93c860.safeframe.googlesyndication.com	644 KB
31	rubiconproject.com 15 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1155 eus.rubiconproject.com — Cisco Umbrella Rank: 618 token.rubiconproject.com — Cisco Umbrella Rank: 613 pixel.rubiconproject.com — Cisco Umbrella Rank: 380 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 30277 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1195	67 KB
28	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	776 KB
16	aralego.com 5 redirects ads.aralego.com — Cisco Umbrella Rank: 34825 sync.aralego.com — Cisco Umbrella Rank: 3157 agent.aralego.com — Cisco Umbrella Rank: 259927	10 KB
12	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13254	204 KB
11	yahoo.com 7 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466 ups.analytics.yahoo.com — Cisco Umbrella Rank: 321 ads.yap.yahoo.com geo.yahoo.com	5 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 427	219 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 379	3 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1659 www.google.com — Cisco Umbrella Rank: 3	13 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 18007 e3.adpushup.com — Cisco Umbrella Rank: 18875	277 KB
6	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 350	2 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1121 s.amazon-adsystem.com — Cisco Umbrella Rank: 319	4 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	552 B
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 96246	39 KB
4	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 62021 sync.logly.co.jp — Cisco Umbrella Rank: 67250	2 KB
3	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 716	550 B
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26212 audiencedata.im-apps.net — Cisco Umbrella Rank: 28818	3 KB
2	yimg.com s.yimg.com	60 KB
2	googletagservices.com www.googletagservices.com	113 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 714	881 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 403	737 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1139	1 KB
2	avads.net 2 redirects ads.avads.net — Cisco Umbrella Rank: 29062	483 B
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 1006	1 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 823 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 689	641 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2950	633 B
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 973736	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	918 B
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 417 dis.criteo.com — Cisco Umbrella Rank: 623	826 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	83 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1273 pixel.quantserve.com — Cisco Umbrella Rank: 1017	10 KB
2	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9286	505 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 743	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 29387	12 KB
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1818	467 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 764	1 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	1 KB
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 554	882 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 763	245 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 898	188 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1129	725 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 859	762 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 384	514 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1198	634 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 20002	3 KB
1	ampproject.net d-23735339143651018048.ampproject.net
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 88617	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	19 KB
308	50

	Domain	Requested by
31	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co agent.aralego.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bg3.co
18	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net agent.aralego.com www.bg3.co www.googletagservices.com
15	il-trc-events.taboola.com	www.bg3.co
14	sync.taboola.com	2 redirects imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com www.bg3.co
14	cdn.taboola.com	www.bg3.co cdn.taboola.com
12	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
11	images.taboola.com	www.bg3.co
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	eus.rubiconproject.com	ads.aralego.com nt.compass-fit.jp eus.rubiconproject.com imprammp.taboola.com am-match.taboola.com
9	pixel.rubiconproject.com	6 redirects eus.rubiconproject.com
7	match.adsrvr.org	7 redirects
7	token.rubiconproject.com	4 redirects eus.rubiconproject.com
7	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
6	x.bidswitch.net	4 redirects am-match.taboola.com www.bg3.co
6	cm.g.doubleclick.net	3 redirects eus.rubiconproject.com www.bg3.co
6	www.google.com	tpc.googlesyndication.com
6	trc.taboola.com	cdn.taboola.com imprammp.taboola.com am-match.taboola.com www.bg3.co
6	www.google-analytics.com	cdn.ampproject.org www.bg3.co www.googletagmanager.com
5	pr-bh.ybp.yahoo.com	5 redirects
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	sync.aralego.com	ads.aralego.com www.bg3.co eus.rubiconproject.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	agent.aralego.com	4 redirects
4	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
3	u.openx.net	2 redirects www.bg3.co
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp eus.rubiconproject.com
3	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org pagead2.googlesyndication.com
3	secure-assets.rubiconproject.com	3 redirects
2	geo.yahoo.com	adx.holmesmind.com s.yimg.com
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	ad.sitemaji.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	pixel-sync.sitescout.com	2 redirects
2	eb2.3lift.com	1 redirects www.bg3.co
2	rtb.mfadsrvr.com	2 redirects
2	ads.avads.net	2 redirects
2	sync-t1.taboola.com	www.bg3.co
2	ce.lijit.com	1 redirects www.bg3.co
2	ih.adscale.de	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	e3.adpushup.com	www.bg3.co
2	http-intake.logs.datadoghq.com	cdn.adpushup.com
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	am-wf.taboola.com	vidstat.taboola.com
1	7c7443aac031e0bdebfcfa030d93c860.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	6da7e18721c361a2915ecf1a0cdeb778.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	t.adx.opera.com	www.bg3.co
1	sync.srv.stackadapt.com	1 redirects
1	match.taboola.com	www.bg3.co
1	id5-sync.com	www.bg3.co
1	dis.criteo.com	1 redirects
1	rtb-csync.smartadserver.com	www.bg3.co
1	bh.contextweb.com	www.bg3.co
1	simage2.pubmatic.com	www.bg3.co
1	trace.mediago.io	1 redirects
1	ssbsync.smartadserver.com	www.bg3.co
1	tg.socdm.com	1 redirects
1	p.rfihub.com	1 redirects
1	vidstatb.taboola.com	www.bg3.co
1	pixel-us-east.rubiconproject.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-apac.rubiconproject.com	1 redirects
1	imprammp.taboola.com	vidstat.taboola.com
1	fonts.googleapis.com	cdn.taboola.com
1	ff79fbda86b111605e3f6776537a8c6a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	295e51018300fa3da16dafc5b6a6edba.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	www.bg3.co
1	audiencedata.im-apps.net	dmp.im-apps.net
1	gum.criteo.com	cdn.taboola.com
1	stats.g.doubleclick.net	cdn.ampproject.org
1	rules.quantcount.com	secure.quantserve.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	l.logly.co.jp	nt.compass-fit.jp
1	secure.quantserve.com	cdn.adpushup.com
1	d-23735339143651018048.ampproject.net	cdn.ampproject.org
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
308	92

This site contains links to these domains. Also see Links.

Domain
mysearchesnow.com
popup.taboola.com
trc.taboola.com
za.investing.com
search.bkewes.com
find-dubai-properties.fyi
voip-france.site

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 41 frames:

Primary Page: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Frame ID: 93482E42DA21BC9A96635BE33C36570D
Requests: 141 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 9A2A93ACC9C8BC26176A4FBF484EC314
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: ED79669096509ED03339608D1B1F3BA6
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: BEBFA365ED17F762BD66C5E8D3D99FC2
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: C211A8003E1FEFF7B75FD811A3E0CCA4
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-12068888773073357206&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3290&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=559005129&ga_cid=amp-ICTyN5AVg_5yKv9jhzzVfw&ga_hid=5129&dt=1690673410413&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&bdt=1398&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: ED285713C4DF6FC7813F3688C793058D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1862BB45E8BADF8B0AAF409A274376DF
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 214A6CC678EA584CCD3780E44B4846BF
Requests: 4 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: B4D594B502F2D6A37508800D584BC8DD
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 2DBFDA4BF41214E9F879658A330737DC
Requests: 4 HTTP requests in this frame

Frame: https://295e51018300fa3da16dafc5b6a6edba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 94F5A9A27087CCD90B9857878C31A0ED
Requests: 1 HTTP requests in this frame

Frame: https://ff79fbda86b111605e3f6776537a8c6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 78D83B00F1594049E015CC9FC700B700
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: C6E1E50EE4CB9E024A45DE21A6C719CA
Requests: 5 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 146E57D2188159A453843FEC313E5BD6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 991E2D60B8244FD7C6C734F9E75E4D98
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20B5AD6FE9596A157A1D446860F9BCED
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7365B1403705DB653091F259C0FE1DC8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 421C244B5DDCCBD5FD776217B1E7A9A5
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1690673411635&uv=3310&tms=1690673411635&abt=nonrv_vA!ufm_vD!ul3310_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=14e65e77-23f0-48ab-ba99-c290e4912873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 65138931C142862E3832FC5E10773496
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D34F2CA64A6C6D56F85D220399EEB314
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AA0B8453667A1BF0A0D8B58A201F37B2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1EB127B0F0E6422688ED893FA53FBAB9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36CD2A91431939BC567554C08E4030C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB9C4F986D33BCBD7A712FB24BA092A3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 42416A45606EE93F496D978855F32FC7
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 892EEDB0C1DFE5271944006D2644E435
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: C355F872DA7EBF521C875440CF201054
Requests: 2 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMWhBsCo8X8AAGiM908AAAAA
Frame ID: 0FD52C4266D364AD8529634E91A98BEF
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7138132D1273310F669D832C1F5FC1B4
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8CE1F558AEE5760C8D9FBDFE8B57462C
Requests: 6 HTTP requests in this frame

Frame: https://6da7e18721c361a2915ecf1a0cdeb778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 2D6747130430F063CBFAC4AF05496EB1
Requests: 1 HTTP requests in this frame

Frame: https://7c7443aac031e0bdebfcfa030d93c860.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 2D972E88F87B5F699287F9E31535F065
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuctRNDaBSuQQ_a8z6Y_Ha--FHSv2OfvyYzSylW9fODkgr3EpTqcQUzjMdz90GwxXfArfnl429XSvaYAMmGABAVf_RYsgnTQb3i9irV7B-TGBzVapQ2rlT-qmFXqFt25u7bpzXgYnbmnlMRE3V04ANkfLbpW7OE_Y5xUwO-vfj6y8yhRNBxeRMTFKID2rhdWKj1ej8QLha7msHL6auObBme1KF_G4-gE231SCDUd12PN8L8k13uD8EE_v1LWCEVYwMNi3rtujxYapJM6jFV-zpIDnYedz10WtoUNluCq13Zc3mh002tO18agi1E6gvP834tVxhPJiYgl76M&sai=AMfl-YTCPnDhGhxJ6GYm2CJiqLPcrAEVibSEmBw2wJb4yJw7L8Ordwf_6xfp4Hns5w_7Q5m4WNSJ-_ZOz4akLaqyloAdxveHQWN5t3x0Bg&sig=Cg0ArKJSzB2YL6mFBYr-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2E423FA5A130292B3782834A80866F79
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2472F016744C8934D3A931600CABF7F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 72BD06373BA4E72624A825AEFE447D02
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVNcUxS6wxzvXUPevQ5BXKZSdOo3YQDg4KY1FCVWy_ECajvvFz-Cfbn0_R4oX59ytI1h7_7S7yEUvg3_QrIDjUSCZXO7pA4Db7WTrYuIQX8_wT6mJSaFh06xl2CWYqHt_mxr13QEABhKKQsoJ4UgEKJPvBJhDpwz3B7Ze7bPPXjS7doo5XDB3p1tDw_PldO4VdLB_lLhB-WVLgwx2J4D6fuGBJ0NZwmscFH7J3ynmQH1W68lomnaWkzBwXBwbsR-vmKuNw2WzQtppI9opxcder3yMy2_o6WyVigb22_96Fc1Wo43lrofQw7eSm2pT6-pvWv8lCrNlVEtkh&sai=AMfl-YTfEmUDg0K2cYkHtgdAlGvggEVJFsQJhQgx1Pos7LV9U9DXVd7T7cRCKzoF_Q8DSiWQ6U5sLuC9eal-Ogw0zScIiX2YWPgjTEoBZw&sig=Cg0ArKJSzJ7x_H3fezKqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 98A32623EC627696788C1F82F49B8021
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01EB9D894EA6CE740B3772D0341BDCC2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88D1478BD14918BF64920649650D015A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 8F61F8C0DA6E2AE2FE000821BB460707
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 8B79C38013FE20990670F09D14F00E20
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: D70E84EAB17EADE50FE71416C9CBE510
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

韓妞都瘋買的抗老小金瓶！超奢華99%純金箔精萃不到2千就能買 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

308
Requests

77 %
HTTPS

0 %
IPv6

50
Domains

92
Subdomains

59
IPs

12
Countries

3955 kB
Transfer

11394 kB
Size

65
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://mysearchesnow.com/direct/home:product:wallpaper-in-en
Title: Wallpaper Pros | Search Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ri=e917cab06765956578bde7d2ab0f2302&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&it=text&ii=~~V1~~1487367675498759422~~jdfCox6cZCgyd1xP5Ayzs8eRXHDRiy84h0Mb8s6FjaV6z9MTIvrk6hN-f7XzGyn5NeA7V95tqe5A54TgM2HjNYoA01xpp8L7RA_btY9496ONc_A16hboyXK1iT8ZtkXK6i1jEDMuu6AJ7paZ52EXnvcsx1e6QILEFDqgtDyUsoPNJO_qbdzbKivgPKyiCZ_tQnd70_QU6rHN3rty2k9AnTbK9DXJo6toK8CEn-zjevW2jd0yogJpBSmHL7VcHIUOyMeq4TRIr9cW-SHJPnbRzQ&pt=text&li=rbox-t2v&sig=30135ce796bd2dcac960a52cf6c6b30ae8a1993eed54&redir=https%3A%2F%2Fmysearchesnow.com%2Fdirect%2Fhome%3Aproduct%3Awallpaper-in-en%3Futm_source%3Dtaboola%26campaign_id%3D26548680%26publisher_name%3Dpalmate-bg3co%26publisher_id%3D1524057%26ad_id%3D3717997213%26tbclid%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDErFooiruL4pm9vYRy%26bid%3DBlYILQ1EqBDfOwBtD01UKrIUPC6R1tJH4-lzeJKRr-s%3D%26tblci%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDErFooiruL4pm9vYRy%23tblciGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDErFooiruL4pm9vYRy&vi=1690673410611&p=peakventuresgroup-draincleaning-sc&r=83&tvi2=5906&lti=deflated&ppb=CMAD&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4MziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI-SEQki4YAmRjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNIDEOAGGAhkYwj3__________8BEPf__________wEYCWRjCK9HEKReGAtkYwikJxCKNRgvZGMI0DcQ_koYMGRjCKo1EIhNGDJkYwjaRBD3WhgTZGMI3AoQ-xoYFmRjCJYUEJccGBhkYwjkSRC7YRg4ZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBj-Xzn5ox&cta=true
Title: Get Offer

Search URL Search Domain Scan URL

URL: https://za.investing.com/magazine/unusual-discoveries-found-in-unexpected-places/
Title: investing.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://search.bkewes.com/c/zrEW26Vy2PW8B4lv
Title: Dental Implants in Turkey | Search Ads

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ri=786dce682e06e9306338ca185a7b6cb7&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&it=text&ii=~~V1~~2066276110662276085~~FdIJTb-njRVsKH3jzoX4TJTm6pqbklrY9rgZIPRxWT5delZWlzACrkVQrNqkCzIHk-u9kFCMUQQpqAE8AdpRUfznhRHHGzObV3Dh1szYaUgnVCJ_p8rA182c69pn4UAc7VkODyVu589y2027397e12ZeUDL-7XNFsqaSiGvSNZAZIca91dGU99vvzFshBfVJMO7Tswj5WH4cylUjQLFLHQ&pt=text&li=rbox-t2v&sig=d7ea20cbda07c2ac21fe64e48bd48b9dbd33fa7e7411&redir=https%3A%2F%2Fsearch.bkewes.com%2Fc%2FzrEW26Vy2PW8B4lv%3Fsrc%3Dt%26site%3Dpalmate-bg3co%26clickid%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDn5l4o3te7lpG3tfnbAQ%26tg1%3Dpalmate-bg3co%26tg2%3D264_dabk_dentalimplantstu_tab_all%26tg3%3D25478405%26tg4%3Dtaboola%26title%3DThe%2BCost%2Bof%2BDental%2BImplants%2Bin%2BTurkey%2BMight%2BSurprise%2BYou%26tblci%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDn5l4o3te7lpG3tfnbAQ%23tblciGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDn5l4o3te7lpG3tfnbAQ&vi=1690673410611&p=bake-d-3&r=13&tvi2=5906&lti=deflated&ppb=CJsH&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4MziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI-SEQki4YAmRjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNIDEOAGGAhkYwj3__________8BEPf__________wEYCWRjCK9HEKReGAtkYwikJxCKNRgvZGMI0DcQ_koYMGRjCKo1EIhNGDJkYwjaRBD3WhgTZGMI3AoQ-xoYFmRjCJYUEJccGBhkYwjkSRC7YRg4ZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBj-Xzn5ox&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://find-dubai-properties.fyi/
Title: Dubai Apartments | Search Ads

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ri=08eb96b343af9e09b7d32d09c02cd9c2&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&it=text&ii=~~V1~~197918814276273199~~C7-Ve0fhq3z7OWQbu9mdzbX1094xBs68rrLk2sBWvTxmRsyfXjhkLC69ThFGuatgJt2e4fghomDtwrE-lyey0LT_KGFdD1etn4hCdxpL3ZQQrddRmfuY6dnfmd6wuJYf7VkODyVu589y2027397e12ZeUDL-7XNFsqaSiGvSNZAZIca91dGU99vvzFshBfVJMO7Tswj5WH4cylUjQLFLHQ&pt=text&li=rbox-t2v&sig=114857f735c6cec8ec7ab330521e8345666399ca2621&redir=https%3A%2F%2Ffind-dubai-properties.fyi%3Fref%3Dtaboola-palmate-bg3co%26sub_id%3Dpalmate-bg3co%26sub_id2%3D1930-dubaiapartments-taboola-all-cp15%26tbid%3D1353010%26tbclick%3Dsysclick%26compkey%3DDamac%2BCavalli%2BDubai%26rskey%3DDamac%2BCavalli%2BDubai%26tblci%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiCellQo1JbE1_HLiejuAQ%23tblciGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiCellQo1JbE1_HLiejuAQ&vi=1690673410611&p=southportintelligence-southport33-sc&r=83&tvi2=5906&lti=deflated&ppb=CMkB&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4MziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI-SEQki4YAmRjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNIDEOAGGAhkYwj3__________8BEPf__________wEYCWRjCK9HEKReGAtkYwikJxCKNRgvZGMI0DcQ_koYMGRjCKo1EIhNGDJkYwjaRBD3WhgTZGMI3AoQ-xoYFmRjCJYUEJccGBhkYwjkSRC7YRg4ZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBj-Xzn5ox&cta=true
Title: Search Now

Search URL Search Domain Scan URL

URL: https://za.investing.com/magazine/bizarre-valuable-discoveries-found-in-unexpected-places/
Title: investing.com

Search URL Search Domain Scan URL

URL: http://voip-france.site/
Title: Sponsored Listings

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ri=57f762f7ed05928bcc9436dde4c88f23&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&it=text&ii=~~V1~~1487367675498759422~~jdfCox6cZCgyd1xP5Ayzs8eRXHDRiy84h0Mb8s6FjaV6z9MTIvrk6hN-f7XzGyn5NeA7V95tqe5A54TgM2HjNYoA01xpp8L7RA_btY9496MGHtqD8bgpYJ_q866bxJxgtBlNrDQ6FmBWdyg7H1G0Vfcsx1e6QILEFDqgtDyUsoPNJO_qbdzbKivgPKyiCZ_tQnd70_QU6rHN3rty2k9AnTbK9DXJo6toK8CEn-zjevW2jd0yogJpBSmHL7VcHIUOyMeq4TRIr9cW-SHJPnbRzQ&pt=text&li=rbox-t2v&sig=2a608e1f75f7f1c17e9238040a1145aeb000cdb9f244&redir=https%3A%2F%2Fmysearchesnow.com%2Fdirect%2Fhome%3Aproduct%3Awallpaper-in-en%3Futm_source%3Dtaboola%26campaign_id%3D26548680%26publisher_name%3Dpalmate-bg3co%26publisher_id%3D1524057%26ad_id%3D3717997213%26tbclid%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDErFoo8dGB8JydkJKNAQ%26bid%3DBlYILQ1EqBDfOwBtD01UKv3cHZYFRcUizQlowTNFpL0%3D%26tblci%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDErFoo8dGB8JydkJKNAQ%23tblciGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDErFoo8dGB8JydkJKNAQ&vi=1690673410611&p=peakventuresgroup-draincleaning-sc&r=65&tvi2=5906&lti=deflated&ppb=CLED&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4MziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI-SEQki4YAmRjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNIDEOAGGAhkYwj3__________8BEPf__________wEYCWRjCK9HEKReGAtkYwikJxCKNRgvZGMI0DcQ_koYMGRjCKo1EIhNGDJkYwjaRBD3WhgTZGMI3AoQ-xoYFmRjCJYUEJccGBhkYwjkSRC7YRg4ZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBj-Xzn5ox&cta=true
Title: Get Offer

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ri=57f762f7ed05928bcc9436dde4c88f23&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&it=text&ii=~~V1~~197918814276273199~~C7-Ve0fhq3z7OWQbu9mdzbX1094xBs68rrLk2sBWvTxu4n0-S0g0-u5jrtd_6qw2Jt2e4fghomDtwrE-lyey0LT_KGFdD1etn4hCdxpL3ZQQrddRmfuY6dnfmd6wuJYf7VkODyVu589y2027397e12ZeUDL-7XNFsqaSiGvSNZAZIca91dGU99vvzFshBfVJMO7Tswj5WH4cylUjQLFLHQ&pt=text&li=rbox-t2v&sig=675d8fb854928b5c0440f6da0f4c3de941f6e69fc75d&redir=https%3A%2F%2Ffind-dubai-properties.fyi%3Fref%3Dtaboola-palmate-bg3co%26sub_id%3Dpalmate-bg3co%26sub_id2%3D1930-dubaiapartments-taboola-all-cp15%26tbid%3D1353010%26tbclick%3Dsysclick%26compkey%3DDamac%2BCavalli%2BDubai%26rskey%3DDamac%2BCavalli%2BDubai%26tblci%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiCellQolIzMvseE9e72AQ%23tblciGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiCellQolIzMvseE9e72AQ&vi=1690673410611&p=southportintelligence-southport33-sc&r=42&tvi2=5906&lti=deflated&ppb=CLED&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4MziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI-SEQki4YAmRjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNIDEOAGGAhkYwj3__________8BEPf__________wEYCWRjCK9HEKReGAtkYwikJxCKNRgvZGMI0DcQ_koYMGRjCKo1EIhNGDJkYwjaRBD3WhgTZGMI3AoQ-xoYFmRjCJYUEJccGBhkYwjkSRC7YRg4ZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBj-Xzn5ox&cta=true
Title: Search Now

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ri=f304aab1c4204c7f8b895786958fa2ae&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&it=text&ii=~~V1~~2066276110662276085~~FdIJTb-njRVsKH3jzoX4TJTm6pqbklrY9rgZIPRxWT4Igg4dU0Cz2o6iFZKP8lK5k-u9kFCMUQQpqAE8AdpRUfznhRHHGzObV3Dh1szYaUgnVCJ_p8rA182c69pn4UAc7VkODyVu589y2027397e12ZeUDL-7XNFsqaSiGvSNZAZIca91dGU99vvzFshBfVJMO7Tswj5WH4cylUjQLFLHQ&pt=text&li=rbox-t2v&sig=89329c1811050f998c83b3b490ced7f04c60110a342c&redir=https%3A%2F%2Fsearch.bkewes.com%2Fc%2FzrEW26Vy2PW8B4lv%3Fsrc%3Dt%26site%3Dpalmate-bg3co%26clickid%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDn5l4o3veOn6Guq7m-AQ%26tg1%3Dpalmate-bg3co%26tg2%3D264_dabk_dentalimplantstu_tab_all%26tg3%3D25478405%26tg4%3Dtaboola%26title%3DThe%2BCost%2Bof%2BDental%2BImplants%2Bin%2BTurkey%2BMight%2BSurprise%2BYou%26tblci%3DGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDn5l4o3veOn6Guq7m-AQ%23tblciGiDjLV9E40HNvK0ahYSo4thOKxtsCV5BDGOkv_gI4E09PiDn5l4o3veOn6Guq7m-AQ&vi=1690673410611&p=bake-d-3&r=16&tvi2=5906&lti=deflated&ppb=CH4&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE4MziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI-SEQki4YAmRjCNcWENUfGCNkYwjc__________8BENz__________wEYJGRjCNIDEOAGGAhkYwj3__________8BEPf__________wEYCWRjCK9HEKReGAtkYwikJxCKNRgvZGMI0DcQ_koYMGRjCKo1EIhNGDJkYwjaRBD3WhgTZGMI3AoQ-xoYFmRjCJYUEJccGBhkYwjkSRC7YRg4ZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgBj-Xzn5ox&cta=true
Title: Learn More

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 77

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 81

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 88

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 141

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690673411&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690673410880&bpp=16&bdt=927&idt=344&shv=r20230726&mjsv=m202307200101&ptt=5&saldr=sa&correlator=5146997347170&frm=23&ife=1&pv=2&ga_vid=1384457168.1690673411&ga_sid=1690673411&ga_hid=1857880825&ga_fc=0&ga_cid=amp-ICTyN5AVg_5yKv9jhzzVfw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1370202504&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076341%2C31076343%2C31076481%2C44788442%2C21065724&oid=2&pvsid=1020427057196935&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dsx4p2v9f43c&fsb=1&dtd=459 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 146

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690673411&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690673410908&bpp=13&bdt=934&idt=366&shv=r20230726&mjsv=m202307200101&ptt=5&saldr=sa&correlator=5146997347170&frm=23&ife=1&pv=1&ga_vid=1160444544.1690673411&ga_sid=1690673411&ga_hid=730640809&ga_fc=0&ga_cid=amp-ICTyN5AVg_5yKv9jhzzVfw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=5944&biw=1600&bih=1200&isw=336&ish=280&ifk=3028742849&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076484%2C44788442&oid=2&pvsid=2230691468345996&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ny9dblq1gswj&btvi=1&fsb=1&dtd=492 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 171

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3

Request Chain 172

https://pr-bh.ybp.yahoo.com/sync/taboola/4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Uh20KoRE2oREqWa9q_tJ8V8mj0oPRdPNSTLwTg--~A

Request Chain 175

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKONAPI4-1V-23ZR HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKONAPI4-1V-23ZR

Request Chain 177

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKONAPIE-1N-AKGT HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKONAPIE-1N-AKGT

Request Chain 178

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly&khaos=LKONAPIE-1N-AKGT HTTP 302
https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKONAPIE-1N-AKGT

Request Chain 180

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aWk-6GTBRRq1GXaGLsp3ZA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aWk-6GTBRRq1GXaGLsp3ZA

Request Chain 181

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/EivRwdpqK2bj9QF8a5incsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-H2W9kO9E2oIW7c6O.tJykRXABVxHfnfpYUgauQ--~A

Request Chain 182

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RfEOt-TDR_i6gUDLw7NuGw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RfEOt-TDR_i6gUDLw7NuGw

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM01B3vUR8QF5iuLnhV4k5o&google_cver=1

Request Chain 184

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBjYTViM2YyYTFjMzhiMzU4Y2Q4MWNjZWVjNjlmZTA3ODk4NWM0Mw

Request Chain 185

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKONAPIE-1N-AKGT

Request Chain 186

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3&gdpr=0&gdpr_consent=&expires=30

Request Chain 187

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtPTkFQSUUtMU4tQUtHVA== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN8lOIURU-slXrCNARjdw7c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPTkFQSUUtMU4tQUtHVA==&google_push=

Request Chain 188

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3

Request Chain 189

https://pr-bh.ybp.yahoo.com/sync/taboola/4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qVQawWhE2oQhsqdBGUlspfSEWI4WJhjn3IG2xw--~A

Request Chain 190

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-lfU0e.dE2uE8itS3qaYMgEzBEVchmSL.~A&gdpr_in_effect=0

Request Chain 195

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LKONAPIE-1N-AKGT HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKONAPIE-1N-AKGT&gdpr=0&us_privacy=1---

Request Chain 215

https://pr-bh.ybp.yahoo.com/sync/taboola/4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-G963yjJE2oSO9Dnkmv2SPjAIolyT1746gCSqgQ--~A

Request Chain 216

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526916689554&expires=30&ssp=taboola

Request Chain 218

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMWhBsCo8X8AAGiM908AAAAA

Request Chain 219

https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=de9a9db16baa4105894834d7a1b4318a HTTP 302
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=de9a9db16baa4105894834d7a1b4318a

Request Chain 221

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKONAPIE-1N-AKGT

Request Chain 222

https://pr-bh.ybp.yahoo.com/sync/taboola/4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qVQawWhE2oQhsqdBGUlspfSEWI4WJhjn3IG2xw--~A

Request Chain 223

https://trace.mediago.io/ju/cs/taboola HTTP 302
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1d4c2e5365ae60d2c71ef0acf9e99098

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEF521Bvv77Petg2-UnZHv-0&google_cver=1

Request Chain 226

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682

Request Chain 227

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3

Request Chain 228

https://ce.lijit.com/merge?pid=42&3pid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 231

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f49b2176-dfad-4a3f-8af9-c8bcf9d40a53

Request Chain 233

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=c9fc9385-41ce-410e-9241-f4d9908c306c&gdpr=0&gdpr_consent= HTTP 302
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=c9fc9385-41ce-410e-9241-f4d9908c306c&gdpr=0&av_tc=True HTTP 302
https://x.bidswitch.net/sync?dsp_id=352&user_id=f536dcbb-fb28-4abc-87f8-adf09cc502d0&expires=15&ssp=taboola&bsw_param=c9fc9385-41ce-410e-9241-f4d9908c306c

Request Chain 234

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7879e9fe-1260-4b1a-a6a1-bb04362e3e3c HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7879e9fe-1260-4b1a-a6a1-bb04362e3e3c&tbid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&query=taboola_hm%3D7879e9fe-1260-4b1a-a6a1-bb04362e3e3c&isDirect=0

Request Chain 235

https://u.openx.net/w/1.0/sd?id=543998486&val=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&gdpr=0&gdpr_consent=

Request Chain 236

https://eb2.3lift.com/xuid?mid=7772&xuid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

Request Chain 237

https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM

Request Chain 239

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=cd9eaee5-c140-4081-bd9a-8ddd94675949

Request Chain 240

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=&redir= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&0&&us_privacy=&redir= HTTP 302
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=2013d632-b292-4f99-82ec-b5486bb0488d-64c5a106-5858

Request Chain 248

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 249

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 295

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 296

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

308 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html Show response
www.bg3.co/a/ 62 KB
19 KB 1782ms
1249ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 42cff7d4afcab118e099caa38fea90d84fda4b42a0f007286c684cb3be4235e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 29 Jul 2023 23:30:08 GMT
etag: "f7f5-uDdP7Ff7fVUfHONLlw2X9zngwaY"
expires: Sat, 29 Jul 2023 23:45:08 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 291ms
108ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 23:30:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72978
x-xss-protection: 0
server: sffe
etag: "c0980513e2e94248"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Jul 2023 23:30:09 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 281ms
98ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 23:30:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9690
x-xss-protection: 0
server: sffe
etag: "bf0e1f4c4e9c9147"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Jul 2023 23:30:09 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 248ms
88ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 23:30:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7621
x-xss-protection: 0
server: sffe
etag: "87192053f7ea25a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Jul 2023 23:30:09 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

194ms
66ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11994
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmHEYTph4gHqTWNRUyRWf1OxpQxw5BuVgo37QjZLOk7iQPGlQWx%2FVU2xuPpEWQH4toGYF3tfl%2B2bKXYC8QI5D6Qf9fQeoHQRKXgQGmTvRpqOv0H5yTc0By846ozh%2BQwhww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee925eb5e979500-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 264ms
87ms Script
application/javascript 23.50.131.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-209.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: br
last-modified: Sat, 29 Jul 2023 07:00:27 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10988
expires: Sun, 30 Jul 2023 00:30:09 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 650 KB
137 KB 273ms
89ms Script
application/javascript 23.50.131.214
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-214.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: b8a6b67b95245dbbe4fddb8aa4395636d755750b2affdf62f2256bc5cc3b2b93

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: br
last-modified: Sat, 29 Jul 2023 11:30:26 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1690673409168_388605782_166834745_553_1289_37_0_146";dur=1
x-cf-geodata: PT
content-length: 139375
expires: Sun, 30 Jul 2023 00:30:09 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 399 KB
49 KB 1252ms
1152ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9191935d70742ec57067c3f5146b44fd2a2084851230bcc665985ed9df861d8b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qW6d.Zg4BbVWBfaFJZoMUUWX9JUTZqmW
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:10 GMT
x-amz-request-id: P2H3JCE0F6ZTY6ME
age: 1
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 9
x-amz-replication-status: FAILED
content-length: 49407
x-amz-id-2: cNy7qAu5pxt5xcw+JrgJHRHm2uNFXoIQmWc6ZdLh4cf976/CZUKEFHJ6CcRjuxuAdcrgZz0KVc8=
x-served-by: cache-lis1490025-LIS
last-modified: Thu, 27 Jul 2023 20:23:48 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673409.165126,VS0,VE1104
etag: "73bd155b976e93c86de1e50debc60ec4613cd9a6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 26
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1098ms
516ms Script
text/javascript 52.199.103.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.103.74 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-103-74.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e38f2e873c9ec64c6efc2f1d5ac8d1f09f6982b62bf17e40c81db3ec1d88bc27

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 203ms
79ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690673409.cdn4-pxy039-mad02.ma1.evs,1690673409.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET f8dd79f475bae5a3801a067df3c07ecc.jpg
static.bg3.co/imgs/202106/ 0
0

GET 1257892f1eec349ca94504a29df0716d.jpg
static.bg3.co/imgs/202106/ 0
0

GET 8d05b9d7e5f824860c67ada7d1dc7a68.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7a30725c6dacd55dd0be8b16d3ea84a5.jpg
static.bg3.co/imgs/202105/ 0
0

GET 6d0b9503bf65f6271c63801afda75981.jpg
static.bg3.co/imgs/202111/ 0
0

GET 44442e5c8ffd42393ad94680db6a5758.jpg
static.bg3.co/imgs/202106/ 0
0

GET 5a78e413c6621e7b8a0b84721b4548c9.jpg
static.bg3.co/imgs/202105/ 0
0

GET bb4be3147b210a20a3f4c49cf932a116.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8ce7830c3de5b0aa70aabff4cc55841f.jpg
static.bg3.co/imgs/202106/ 0
0

GET 0cca8290a08c5aae3d8ce4a37dbce6ad.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4472eaa4e1ec210f34855e2e99eb8b72.jpg
static.bg3.co/imgs/202106/ 0
0

GET 9850538054e699808be8d78bb129c689.jpg
static.bg3.co/imgs/202106/ 0
0

GET 2c7cc44ec16ed25fbc047149919e0769.jpg
static.bg3.co/imgs/202105/ 0
0

GET 10350a5b926b8181ee24a8ad90a5ad04.jpg
static.bg3.co/imgs/202105/ 0
0

GET 424cb555b7ac569ef33debe6506b8aea.jpg
static.bg3.co/imgs/202105/ 0
0

GET 0504e3a1a785d3bd3b8d5422b12b632d.jpg
static.bg3.co/imgs/202201/ 0
0

GET 6769131cb038c4e77019486123f56d07.jpg
static.bg3.co/imgs/202106/ 0
0

GET 502e2fc0233c03496ec5a834ac0d58aa.jpg
static.bg3.co/imgs/202105/ 0
0

GET 96c5b485b6772e7409541ab050cc6b88.jpg
static.bg3.co/imgs/202106/ 0
0

GET 77072cfff12e050ce240a36dcf22b2ef.jpg
static.bg3.co/imgs/202106/ 0
0

GET fe2a5f7bd60b21738bf1eac382624acc.jpg
static.bg3.co/imgs/202011/ 0
0

GET e812e58a47933eb76faab8ca4140a748.jpg
static.bg3.co/imgs/202106/ 0
0

GET 8f9782bcf535081daf5535a4f8ba09a7.jpg
static.bg3.co/imgs/202105/ 0
0

GET e83bcc0c5f87bad22ab63e87a9c7ba1b.jpg
static.bg3.co/imgs/202106/ 0
0

GET 1fa30de1ed283d5ef9ae94f33793eaea.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4e65166e8d16df38b07c6495d2bc979b.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7dc31550d16e6a424bfb03d1bbef52a8.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 8 KB
3 KB 246ms
82ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 04:17:43 GMT
age: 155546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3031
x-xss-protection: 0
server: sffe
etag: "ab4976f290799864"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 04:17:43 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 82 KB
23 KB 247ms
86ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:22:22 GMT
age: 101267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23158
x-xss-protection: 0
server: sffe
etag: "79cbf92139ba05f8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 19:22:22 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
822 B 304ms
118ms Fetch
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

354870399cd25b9a3e2d93b89ab95c7d37b034d9a813a3508eebeba38b09330b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 474
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 13 KB
4 KB 271ms
118ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 09:03:00 GMT
age: 138429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4005
x-xss-protection: 0
server: sffe
etag: "41886e59cfb0dca0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 09:03:00 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 78ms
78ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690673409.cdn4-pxy039-mad02.ma1.evs,1690673409.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 92ms
91ms Image
image/jpeg 23.50.131.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1690673409570
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-209.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 23:30:09 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Sun, 30 Jul 2023 00:30:09 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 491ms
184ms Fetch
application/json 3.233.145.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-145-141.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 261ms
84ms Script
application/javascript 23.50.131.214
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-214.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1690673409726_388605782_166834935_150_1201_36_0_146";dur=1
content-length: 122286
expires: Sun, 28 Jul 2024 23:30:09 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
560 B 308ms
184ms Script
application/javascript 23.50.131.214
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-214.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1690673409822_388605782_166834937_71_916_36_0_146";dur=1
content-length: 211
expires: Sun, 28 Jul 2024 23:30:09 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 306ms
184ms Script
application/javascript 23.50.131.214
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-214.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1690673409822_388605782_166834936_45_984_36_0_146";dur=1
content-length: 18371
expires: Sun, 30 Jul 2023 00:30:09 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 312ms
101ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b9a0591dd673e4c59e4734c8b6e5ab30e4c4d36642a847175bbe6dbf34c02778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27971
x-xss-protection: 0
server: cafe
etag: 622 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:09 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 294ms
97ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTA2NzM0MDk2NTgsInBhY2tldElkIjoiMDAwMEE3MDEtMmYwYjUxYTktYmE1NC00MTVmLWE3MmYtYjJiZDRlMTQyZWU5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhbi1uaXUtZHUtZmVuZy1tYWktZGUta2FuZy1sYW8teGlhby1qaW4tcGluZy1jaGFvLXNoZS1odWEtOTktY2h1bi1qaW4tYm8tamluZy1jdWktYnUtZGFvLTJxaWFuLWppdS1uZW5nLW1haS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJQVCJ9&c_b=2430.5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 295ms
99ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:09 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 300ms
114ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

19a95ba9c933d2d3798025717a189d2f87680fc882f2fb956b272b59fe97d706

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0Z7OTcQWbInsAQDiSbTmzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-0Z7OTcQWbInsAQDiSbTmzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 40 KB
10 KB 84ms
83ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:41:21 GMT
age: 100128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10402
x-xss-protection: 0
server: sffe
etag: "c578ba47d9485b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 19:41:21 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 213 KB
56 KB 84ms
84ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Jul 2023 13:19:18 GMT
age: 36651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57626
x-xss-protection: 0
server: sffe
etag: "3e8e186b2ecc0e4f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 28 Jul 2024 13:19:18 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
619 B 71ms
71ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11782
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aF3dTGCoO3wtndDxxKEPg5UpSJ1iMlUL35kEJVqaDzkVdwOoKcV%2BmOj51yJFqsXfXwrQ%2FoR1fWIagv3U5BYB%2FbNuHsp9ghSMKY%2BAt0Awfg7gZO9BsPL5soBdbGRF8uN55Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee925ec586a9500-LIS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 603ms
143ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 605ms
154ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 534ms
207ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.47595252703784396&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:10 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 566ms
237ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9794989693631175&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:10 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 110 KB
31 KB 82ms
82ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Jul 2023 22:40:15 GMT
age: 2995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32157
x-xss-protection: 0
server: sffe
etag: "908a1aa3777c50a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 28 Jul 2024 22:40:15 GMT

GET
H2 200 nameframe.html
d-23735339143651018048.ampproject.net/2307150128000/ 0
0 287ms
93ms Other
text/html 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-23735339143651018048.ampproject.net/2307150128000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 300ms
90ms Script
application/javascript 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 05 Aug 2023 23:30:10 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 386 KB
123 KB 81ms
81ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4972
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 22:07:18 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 286ms
91ms Script
text/javascript 23.53.42.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 494ms
310ms Script
text/plain 108.138.7.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MDY3MzQwOV8xX2JjODQ2YWY2NmVkNQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-45.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 23:30:10 GMT
Via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: blrRRV2beq-tqbem8fzBkYdyy6S8NuhlPjZ6MA80u8csD9bJ_m9hyg==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 2 KB
812 B 83ms
82ms Fetch
application/json 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 05:12:27 GMT
age: 152263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "c5b3128fd0184624"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 05:12:27 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 206ms
72ms Fetch
application/json 172.64.103.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.103.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10956
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Jul 2023 20:27:34 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oHpGg7AUIo3oO3XwVk%2BT1FIcIMhpuYgrfjPvVfu4AFoPxFdBosYpVtOlVf6gv01Wtl0xHWKhBNkUWZtyX8C4ZaU%2BQrvXz9AxYAwKL4EJ%2B%2F7HE5ZFWWvGpu8y8C0rnJmk74EX%2BOIVe1F9IkG3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7ee925ee9ebb384f-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 3 KB
956 B 82ms
82ms Fetch
application/json 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jul 2023 21:10:33 GMT
age: 181177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "abaaf95b36ef21fc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 26 Jul 2024 21:10:33 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 259ms
90ms Fetch
application/json 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 298ms
85ms Script
application/javascript 18.66.97.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-81.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:17:16 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 775
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ppmTR8Bft2c4Kst86wxYnj7blOcKRFGIVPk3TYGjd_m60OkVnABaGA==

GET
H2 200 impl.20230727-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 790 KB
164 KB 62ms
62ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P1Qu3yvrKOHpC36FNk8YMgJiSiUmC7do
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:10 GMT
x-amz-request-id: X4B0JKW6XD1YSF26
age: 21403
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167336
x-amz-id-2: Ii3mZxmi9aSA4aLZKcX/lz754Pb8COUr5Y9YE7Zy2x/HQBaPeRygA4CdMv3NXyU0eZXwDHCnOJY=
x-served-by: cache-lis1490025-LIS
last-modified: Thu, 27 Jul 2023 09:32:23 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673410.431280,VS0,VE0
etag: "5315a99ad6ffedb46c02101d15c92185"
vary: Accept-Encoding
content-type: application/javascript
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 21945

POST
H2 204 collect
www.google-analytics.com/g/ 0
106 B 282ms
89ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5129&cid=amp-ICTyN5AVg_5yKv9jhzzVfw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&dr=&dt=%E9%9F%93%E5%A6%9E%E9%83%BD%E7%98%8B%E8%B2%B7%E7%9A%84%E6%8A%97%E8%80%81%E5%B0%8F%E9%87%91%E7%93%B6%EF%BC%81%E8%B6%85%E5%A5%A2%E8%8F%AF99%25%E7%B4%94%E9%87%91%E7%AE%94%E7%B2%BE%E8%90%83%E4%B8%8D%E5%88%B02%E5%8D%83%E5%B0%B1%E8%83%BD%E8%B2%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1690673410&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 236ms
74ms Ping
text/plain 142.250.13.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-ICTyN5AVg_5yKv9jhzzVfw&aip=1&sid=1690673410&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.13.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: we-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 96ms
96ms Script
application/javascript 23.53.42.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sat, 29 Jul 2023 23:30:10 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9A2A 93 KB
32 KB 264ms
99ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f26f70e695deff8602d6c1db678100aa20eb92e2fafdd16b7a064d3b030f74d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32919
x-xss-protection: 0
server: cafe
etag: 12750370981667924443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:10 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 221ms
89ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E9%9F%93%E5%A6%9E%E9%83%BD%E7%98%8B%E8%B2%B7%E7%9A%84%E6%8A%97%E8%80%81%E5%B0%8F%E9%87%91%E7%93%B6%EF%BC%81%E8%B6%85%E5%A5%A2%E8%8F%AF99%25%E7%B4%94%E9%87%91%E7%AE%94%E7%B2%BE%E8%90%83%E4%B8%8D%E5%88%B02%E5%8D%83%E5%B0%B1%E8%83%BD%E8%B2%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-ICTyN5AVg_5yKv9jhzzVfw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.1244859333411461&gjid=0.49543259763514413&_r=1&a=5129&z=0.41095042612659216&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame ED79 93 KB
32 KB 256ms
135ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6d095a3be2166f17e7143c2d18f50d2db4ed0481f50de4542672e3e37afab62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32919
x-xss-protection: 0
server: cafe
etag: 4185060454757181908
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:10 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame BEBF 714 B
776 B 65ms
65ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 11040
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ee925f038f794fa-LIS
content-encoding: br
content-type: text/html
date: Sat, 29 Jul 2023 23:30:10 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZRTwNBXGDBQ%2Bi9rzI8JpDSL6y03UqoihjZoNH4WmTqxXDyQaD08y%2BOgwcUZBQBoCDIuMODEkNy2mHuHOhFNW7vxAVuZ6OvTOPWI4K5v6xGe2J3HyAT8q21jwxdAj3Vrqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C211
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

302ms
87ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 23:30:11 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 29 Jul 2023 23:30:10 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 446ms
157ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED28 603 B
534 B 477ms
309ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-12068888773073357206&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3290&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=559005129&ga_cid=amp-ICTyN5AVg_5yKv9jhzzVfw&ga_hid=5129&dt=1690673410413&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&bdt=1398&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
expires: Sat, 29 Jul 2023 23:30:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 1862 714 B
739 B 59ms
59ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 11040
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ee925f0594894fa-LIS
content-encoding: br
content-type: text/html
date: Sat, 29 Jul 2023 23:30:10 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7Duf%2FmlkDyriIhfYpQimBGlAVUFiIJfxL%2FJtbjxRDI8GlG2jFxhuv0koA3eQL3Jfiah%2BS4qE7YSeg7Ue45GURcUH660WefH%2F6ME5s9RYq848NtxhR3nSNhKKwSTVBYT8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 214A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

301ms
89ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 23:30:11 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 29 Jul 2023 23:30:10 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 228ms
75ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 229201
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 68 KB
19 KB 396ms
389ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=23%3A30%3A10.613&lti=deflated&data=%7B%22id%22%3A65%2C%22ii%22%3A%22%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690487230568%2C%22vi%22%3A1690673410611%2C%22cv%22%3A%2220230727-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html%22%2C%22vpi%22%3A%22%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6618%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A6227.546875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f02bc67ec0c54776bee6824ae670c9e974a8fd617c5610e574c6b4d007abe48

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 344
date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 109916
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490025-LIS
server: nginx
x-timer: S1690673411.642411,VS0,VE344
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 427ms
306ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H6HZSWJAZM42P2JY2RA9KQY5
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Sat, 29 Jul 2023 23:30:10 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BEBF 80 KB
27 KB 101ms
100ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8f1c572f939bb0a7099f4c8635018bb97c1d5973de1c7e46977b26e28b015a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27649
x-xss-protection: 0
server: cafe
etag: 643 / 19567 / 31076566 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:10 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1862 80 KB
27 KB 113ms
113ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

543620a655e98da5da0420da003b9ea713564b976a66f47b290db7629df04088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27632
x-xss-protection: 0
server: cafe
etag: 698 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:10 GMT

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame B4D5 495 B
665 B 859ms
283ms Document
text/html 54.199.134.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.134.236 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-134-236.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sat, 29 Jul 2023 23:30:11 GMT
etag: "64c22ce0-1ef"
last-modified: Thu, 27 Jul 2023 08:37:52 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2DBF
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

301ms
88ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 23:30:11 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 29 Jul 2023 23:30:10 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H2 200 pixel;r=1241860339;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html;uh=e51...
pixel.quantserve.com/ 35 B
371 B 96ms
86ms Image
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1241860339;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-483247503-1690673410372;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1690673410673;tzo=0;ogl=;ses=3ba8846d-612d-4477-8a7b-75763047fe7c;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/ Frame BEBF 387 KB
123 KB 79ms
78ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

aecbcd81ab4ba067ecfc856682cb5d34b2249db6564ae0e4f3f23422b734dc31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 09:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51965
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125612
x-xss-protection: 0
server: cafe
etag: 13662757064411976442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 09:04:05 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame 1862 386 KB
123 KB 88ms
88ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4972
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 22:07:18 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame 9A2A 363 KB
124 KB 116ms
115ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c03d5c954dc19af0c2add1db27ed4f8b8b639d60278786a56692d21b22cb4427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127288
x-xss-protection: 0
server: cafe
etag: 5798198791463252652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:10 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame ED79 363 KB
124 KB 171ms
171ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

88c49c9dbb9e5595fb5c90c1d1d840ec4ed7ce424b6e1b9a0a60aa6360e7c856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127280
x-xss-protection: 0
server: cafe
etag: 17962540244794784094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:10 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BEBF 492 B
264 B 108ms
108ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=723149755665328&correlator=1825979459883934&eid=31072020%2C31076566&output=ldjh&gdfp_req=1&vrg=202307260102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690673411040&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=btztaaj88ejc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1103413571.1690673411&ga_sid=1690673411&ga_hid=968136415&ga_fc=false&dlt=1690673410639&idt=372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

d037a7753c1aad983122dbbeca69b38e57a18eb69429469e969c838805fda29d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BEBF 15 KB
12 KB 141ms
141ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307260102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

60ce6d7b42add94b5f69288bd621224d94149b3b8c9992d20b18f0ca13298315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11887
x-xss-protection: 0

GET
H2 200 container.html Show response
295e51018300fa3da16dafc5b6a6edba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 94F5 6 KB
3 KB 300ms
88ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://295e51018300fa3da16dafc5b6a6edba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
expires: Sun, 28 Jul 2024 23:30:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 48ms
47ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EsUuvtHarpCPXN.nV8SaiI8VppZ9XOJk
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:11 GMT
x-amz-request-id: CMEPE7V7W0B50E6X
age: 140840
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8011
x-amz-id-2: bp5+nywS1GOwWQX3uXlUPzmrxZ0CvSoYWyRElSyaHzVUDgJ8CGFsb4g+159bhw1mU/Q117ql++4=
x-served-by: cache-lis1490025-LIS
last-modified: Fri, 28 Jul 2023 08:22:51 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673411.108192,VS0,VE0
etag: "8295deef603701ecd7b23f274d2080a4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 76
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 13526

GET
H2 200 distance-from-article.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 48ms
45ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1vvwwDTlPsd_L_mk.c.m0Gs4b.AYuRGy
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:11 GMT
x-amz-request-id: K2HAD3T3QDDTMT1T
age: 140870
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: N8fi51bS727oij14LR6YIinBTgoIGyOJcJurAiZ3jJHRam4lDR5zKMoegIvhTN5e3rvBNwgFg0c=
x-served-by: cache-lis1490025-LIS
last-modified: Fri, 28 Jul 2023 08:22:21 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673411.126941,VS0,VE0
etag: "8db15f3ca0ef2fc76b365691189d41f2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 108162

GET
H2 200 article-detection.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 53ms
51ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: N2PN0vAaorPUvvk19oD9RRrFc_2r5gn2
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:11 GMT
x-amz-request-id: 9NPTPFWBTHQJ8GH5
age: 140877
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1271
x-amz-id-2: P6IBUah74BV9ysEiIEmVH56hVVgzvNU/zHlqK88eZZu+mMEuFXjnHOcD4hVfIq2mKrHRYB8UZbo=
x-served-by: cache-lis1490025-LIS
last-modified: Fri, 28 Jul 2023 08:22:14 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673411.126872,VS0,VE0
etag: "2ddb5ce84174e516dfa7d41f580c44f5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 108110

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.6/ 123 KB
35 KB 52ms
50ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 9286764bc0c8327719870fa33a225c9a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 217596
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35355
x-served-by: cache-lis1490025-LIS
last-modified: Thu, 27 Jul 2023 11:02:49 GMT
server: AmazonS3
x-timer: S1690673411.127122,VS0,VE0
etag: "23fd6bc627e1f80544a173529f6c0abc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 20IPOPP-LHgPz2jF0Ol30SqS7QgTJOXsGvlKAmpauBDpL4IOseRg_w==
x-cache-hits: 6757

GET
H2 200 feed-card-placeholder.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 55ms
53ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: a.CizdY4YDhEJzwYaj_09BYotzDpxcBZ
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:11 GMT
x-amz-request-id: 6WQYS0JCZ4JTDEXT
age: 140865
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: 5kd2HbuXukqocjxeh6Qj57dzAmwWh6lNXEBHFJKchq9PlBMcCtwvcXPFnzxrHf1YPTv2XYZpOtM=
x-served-by: cache-lis1490025-LIS
last-modified: Fri, 28 Jul 2023 08:22:26 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673411.127440,VS0,VE0
etag: "d72141d67c328c0ef8b577abb34b370d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 81043

GET
H2 200 userx.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 50ms
50ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: j22NuxXuWQwv5r2dKtahcQk41KlcTitX
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:11 GMT
x-amz-request-id: M440Q6EGRHVC668Y
age: 140837
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: a5vd7mGTnI98ugRbqnOPXwgVHjLxKkEASQyjzrgOjZzCRuW1Pshhg3+3K7GuHCLAcjIG3f9yGpg=
x-served-by: cache-lis1490025-LIS
last-modified: Fri, 28 Jul 2023 08:22:54 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673411.131562,VS0,VE0
etag: "fb1f0beee9fcbe2ba80b90fb585a8044"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 35
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 13497

GET
H2 200 explore-more.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 47ms
47ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8HJGiqq64l.2Zd331zH.p3YHpekHKsFV
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:11 GMT
x-amz-request-id: 9K63489TFVXACHFK
age: 140866
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8777
x-amz-id-2: ijvduKOnT42RYKsZa3X/jMxegqbPurYzhrV7sgjcS0WAWzORq3I32eqYQOUmxbw9VHp+UqOcvXw=
x-served-by: cache-lis1490025-LIS
last-modified: Fri, 28 Jul 2023 08:22:25 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673411.147952,VS0,VE0
etag: "edf758b47d6a232675d6fc2d5521396c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 49414

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 413ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1690673411083%7D&tim=23%3A30%3A11.084&id=9041&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 412ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690673411093%7D&tim=23%3A30%3A11.093&id=6827&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 413ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A30%3A11.125&id=536&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 410ms
131ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=23%3A30%3A11.130&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=8007&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 84918

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 411ms
131ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=23%3A30%3A11.132&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=3737&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 84918

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 409ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=23%3A30%3A11.137&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=6935&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 84918

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 130ms
129ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=23%3A30%3A11.138&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4576&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 84918

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 173ms
172ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=23%3A30%3A11.143&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2766&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 84918

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 45ms
45ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:11 GMT
x-amz-request-id: 059ZEMN3RJ2RVDH8
age: 117
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uqp3/so7O5QYv3FWcpwAOgju02flQmqVEsjYqRmHIJMcvUuXH0zuWlPp4rIZfSi9EKtGo6/hebw=
x-served-by: cache-lis1490025-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673411.170870,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 30
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 45

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 195ms
195ms Fetch
application/json 3.233.145.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-145-141.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvaGFuLW5pdS1kdS1mZW5nLW1haS1kZS1rYW5nLWxhby14aWFvLWppbi1waW5nLWNoYW8tc2hlLWh1YS05OS1jaHVuLWppbi1iby1qaW5nLWN1aS1idS1kYW8tMnFpYW4taml1LW5lbmctbWFpLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
875 B 190ms
189ms XHR
text/html 23.50.131.214
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvaGFuLW5pdS1kdS1mZW5nLW1haS1kZS1rYW5nLWxhby14aWFvLWppbi1waW5nLWNoYW8tc2hlLWh1YS05OS1jaHVuLWppbi1iby1qaW5nLWN1aS1idS1kYW8tMnFpYW4taml1LW5lbmctbWFpLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-214.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 23:30:11 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=103, ak_p; desc="1690673411221_388605782_166835405_10641_1088_37_0_219";dur=1
content-length: 555
expires: Sun, 30 Jul 2023 00:30:11 GMT

GET
H2 200 152227257b2e00946ac348d60151daf2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 111 KB
112 KB 157ms
155ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/152227257b2e00946ac348d60151daf2.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 74a96f46dd66ee4923a2156d85ab9298148b24490bcc11856caf2f2b4e06ff51

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/152227257b2e00946ac348d60151daf2.jpg
age: 26914
edge-cache-tag: 524022442143844514505208184205040567374,429285060811606962413301655830354306721,29ecf9b93bbf306179626feeda1fab70
cache-tag: 524022442143844514505208184205040567374,429285060811606962413301655830354306721,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS
fastly-restarts: 1
content-length: 113981
x-request-id: 95cbf403549755f36b4226ccfa4cbfe6
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kcgs7200161-IAD, cache-iad-kcgs7200161-IAD, cache-lis1490025-LIS
last-modified: Tue, 18 Jul 2023 01:20:02 GMT
server: cloudinary
x-timer: S1690673411.212780,VS0,VE94
etag: "fe5a8c2f9f1be128d30f2677502b4b2d"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0

GET
H2 200 152227257b2e00946ac348d60151daf2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
58 KB 143ms
142ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/152227257b2e00946ac348d60151daf2.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5fd183eabaa717743b87dce14a09a2a8b7995a83d36e3d2c156831b5322cd357

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/152227257b2e00946ac348d60151daf2.jpg
age: 343838
edge-cache-tag: 524022442143844514505208184205040567374,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 524022442143844514505208184205040567374,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 271
expiration: expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.mods4u.in/
content-length: 58084
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200070-IAD, cache-iad-kjyo7100152-IAD, cache-lga21950-LGA, cache-iad-kjyo7100126-IAD, cache-lis1490025-LIS
last-modified: Tue, 18 Jul 2023 01:31:52 GMT
server: nginx
x-timer: S1690673411.212357,VS0,VE90
etag: "b93aa5372b7440b14322b3d73fcd0339"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 0, 6, 0

GET
H2 200 4f43e64c47f9f6486374563dd2299b6e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 26 KB
27 KB 58ms
56ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f43e64c47f9f6486374563dd2299b6e.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6347468fc067a7fa6f6850737ce01e6d7250bef703ee02ac2dbb406ede218c3c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f43e64c47f9f6486374563dd2299b6e.jpg
age: 2704168
edge-cache-tag: 601774642256159166490290792920281896597,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 601774642256159166490290792920281896597,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 526
req-referer: https://apnews.com/
content-length: 26886
x-request-id: d4e3b9b55458010bb939c735ee03824e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200098-IAD, cache-iad-kiad7000089-IAD, cache-lga21964-LGA, cache-iad-kjyo7100136-IAD, cache-lis1490025-LIS
last-modified: Wed, 14 Jun 2023 09:21:14 GMT
server: nginx
x-timer: S1690673411.212733,VS0,VE1
etag: "98fb44b29c1bcd9474d2c11e8588eb97"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5473, 1

GET
H2 200 d6b01cd1192eda4740e62644ab54a317.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 52ms
51ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6b01cd1192eda4740e62644ab54a317.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8611d1cddbbf5b7aac273971e06618dec56ecf1c658863f650fe6aa655b023b7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6b01cd1192eda4740e62644ab54a317.jpg
age: 3130376
edge-cache-tag: 604113756207140372463374312744325755901,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 604113756207140372463374312744325755901,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 123
expiration: expiry-date="Wed, 05 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://lovemyfamilymag.com/10-reasons-to-eat-ginger-every-day/?utm_source=taboola_9070705&utm_term=mobitech-tn-launcher_1304163&utm_content=2978151924&utm_medium=GiAnTfgMadXMGiZO_liEhITcSQDJ9mXqh2rUIZ5K0Nt6sSDNmlAoiNOQlr6Oi8DNAQ&utm_campaign=GingerEveryDay2-WW-A-TB-LMF
content-length: 11060
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100087-IAD, cache-iad-kiad7000129-IAD, cache-lax10675-LGB, cache-iad-kjyo7100037-IAD, cache-lis1490025-LIS
last-modified: Sun, 04 Jun 2023 16:22:53 GMT
server: nginx
x-timer: S1690673411.212750,VS0,VE1
etag: "c677556888ad1838bb7541b78b35c080"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 69, 1

GET
H2 200 f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 111 KB
112 KB 50ms
50ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 22e086dfa5f95b6b57f03fe1510874b80bbf43952fa16e97c661ef65afd7cd39

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age: 4066693
edge-cache-tag: 461953597764467041444520499259236964687,512103743358072422513015710232849045550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461953597764467041444520499259236964687,512103743358072422513015710232849045550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 315
expiration: expiry-date="Wed, 21 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://conceptodefinicion.de/
content-length: 114030
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100088-IAD, cache-lga21951-LGA, cache-iad-kjyo7100120-IAD, cache-lis1490025-LIS
last-modified: Sun, 21 May 2023 12:33:18 GMT
server: nginx
x-timer: S1690673411.261853,VS0,VE1
etag: "1a75af4013cd7e2d842f6d6a6513081b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 39, 1

GET
H2 200 17bc346051cd75142725c11d9736c67f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 71ms
70ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/17bc346051cd75142725c11d9736c67f.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f21a359cbbb721e4ad6db3ad79a234b1a198b51da7fed570a20e1d53c273b9b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/17bc346051cd75142725c11d9736c67f.jpg
age: 2805982
edge-cache-tag: 546395890014619663267147379343909525432,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 546395890014619663267147379343909525432,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 499
req-referer: https://artes.umcomo.com.br/
content-length: 22866
x-request-id: 2a2c082df4300f93e13b22148ee18e24
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100105-IAD, cache-iad-kcgs7200026-IAD, cache-sna10734-LGB, cache-iad-kjyo7100175-IAD, cache-lis1490025-LIS
last-modified: Tue, 27 Jun 2023 11:32:14 GMT
server: nginx
x-timer: S1690673411.267942,VS0,VE1
etag: "009db438438f3a5a92e1d396e8184d00"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 352, 1

GET
H2 200 20ef5c74ff5b577ad234b7c7cfa8b782.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 48ms
47ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20ef5c74ff5b577ad234b7c7cfa8b782.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b729b09905a62c133c9b0174589df40b3221c7eaf6862de936dac05f0bdbb7c3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20ef5c74ff5b577ad234b7c7cfa8b782.jpg
age: 2217102
edge-cache-tag: 309399572665247934372033949103529697214,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 309399572665247934372033949103529697214,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 157
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://flytant.com/
content-length: 9438
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200028-IAD, cache-iad-kcgs7200109-IAD, cache-lax10641-LGB, cache-iad-kiad7000048-IAD, cache-lis1490025-LIS
last-modified: Tue, 06 Jun 2023 17:47:59 GMT
server: nginx
x-timer: S1690673411.341356,VS0,VE1
etag: "b4cb5499a3924c530be6463e4498e4c7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 374, 1

GET
H2 200 152227257b2e00946ac348d60151daf2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 82 KB
83 KB 137ms
137ms Image
image/jpeg 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/152227257b2e00946ac348d60151daf2.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ad33e02b7663c396bc8a0da0d583f11df8df37a8b83a62dff251fd185b358bee

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/152227257b2e00946ac348d60151daf2.jpg
age: 273158
edge-cache-tag: 524022442143844514505208184205040567374,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 524022442143844514505208184205040567374,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS
fastly-restarts: 1
content-length: 83970
x-request-id: 740d354d9c375ea1de296c9a714276bf
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kcgs7200093-IAD, cache-lis1490025-LIS
last-modified: Tue, 18 Jul 2023 01:20:02 GMT
server: cloudinary
x-timer: S1690673411.341481,VS0,VE92
etag: "c9fa237b3987893c68d74c529b8464cc"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 8, 0

GET
H2 200 f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 130 KB
130 KB 49ms
49ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fa0616a1df4a0404c8640f675de1f19aefdb9be8fd52a889683cc9f7d888318

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age: 2376944
edge-cache-tag: 461953597764467041444520499259236964687,304054793718910432623321288043234533042,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461953597764467041444520499259236964687,304054793718910432623321288043234533042,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 374
expiration: expiry-date="Mon, 17 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://flytant.com/
content-length: 132760
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000135-IAD, cache-iad-kiad7000062-IAD, cache-lax10639-LGB, cache-iad-kiad7000068-IAD, cache-lis1490025-LIS
last-modified: Fri, 16 Jun 2023 13:13:41 GMT
server: nginx
x-timer: S1690673411.360970,VS0,VE3
etag: "fd12b02fda1e3bbd941e2da7d9e2b920"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1070, 1

GET
H2 200 4f43e64c47f9f6486374563dd2299b6e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 73 KB
74 KB 47ms
46ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f43e64c47f9f6486374563dd2299b6e.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8044db7ed25d2ac40d39899f524ddeee9385f2850d9fcb8a29f91f8b220c783a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f43e64c47f9f6486374563dd2299b6e.jpg
age: 4863420
edge-cache-tag: 601774642256159166490290792920281896597,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 601774642256159166490290792920281896597,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Thu, 15 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://apnews.com/
content-length: 75196
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100103-IAD, cache-iad-kjyo7100056-IAD, cache-sna10728-LGB, cache-iad-kiad7000066-IAD, cache-lis1490025-LIS
last-modified: Mon, 15 May 2023 11:50:28 GMT
server: nginx
x-timer: S1690673411.385471,VS0,VE1
etag: "cb1ea24eda706759bfd1dcd94b91b7bc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 5, 1, 4713, 1

GET
H2 200 d6b01cd1192eda4740e62644ab54a317.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 26 KB
27 KB 51ms
51ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6b01cd1192eda4740e62644ab54a317.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c3d2efe0c332e11a2ef5663ffc72ccf3a6fb369520c4a0c676950479ae5d6e64

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 23:30:11 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6b01cd1192eda4740e62644ab54a317.jpg
age: 3036903
edge-cache-tag: 604113756207140372463374312744325755901,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 604113756207140372463374312744325755901,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 359
expiration: expiry-date="Thu, 06 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.foxsports.com/wnba/washington-mystics-team
content-length: 26428
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100140-IAD, cache-iad-kjyo7100130-IAD, cache-lga21983-LGA, cache-iad-kjyo7100115-IAD, cache-lis1490025-LIS
last-modified: Mon, 05 Jun 2023 11:13:54 GMT
server: nginx
x-timer: S1690673411.388920,VS0,VE1
etag: "a4a1f3f2726f5ae498f603af94ad847c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 55, 1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C211 34 KB
10 KB 96ms
95ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Jul 2023 18:46:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69395
Connection: keep-alive
Content-Length: 10114
Expires: Sun, 30 Jul 2023 18:46:46 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2DBF 34 KB
10 KB 103ms
103ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Jul 2023 18:46:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69395
Connection: keep-alive
Content-Length: 10114
Expires: Sun, 30 Jul 2023 18:46:46 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 214A 34 KB
10 KB 102ms
102ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Jul 2023 18:46:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69395
Connection: keep-alive
Content-Length: 10114
Expires: Sun, 30 Jul 2023 18:46:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BEBF 17 KB
7 KB 369ms
199ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:30:11 GMT

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 174ms
172ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2238%7D%22%2C%22eventTime%22%3A1690673411253%7D&tim=23%3A30%3A11.253&id=7118&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1862 499 B
278 B 122ms
121ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4501279463096579&correlator=2628800938236665&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690673411292&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=w66lwoh6qlgm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=910131182.1690673411&ga_sid=1690673411&ga_hid=782959855&ga_fc=false&dlt=1690673410656&idt=546

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

603734eeab3fd760d92cc9abb6e66abb6e190649e9cb431bfce1ebc9ea3f200e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1862 15 KB
12 KB 142ms
141ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

b16eba7244a4829c6d4aa6d40079de90473e78f6b2ebed32b7e32ceb4e0cf7e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11802
x-xss-protection: 0

GET
H2 200 container.html Show response
ff79fbda86b111605e3f6776537a8c6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 78D8 6 KB
3 KB 105ms
88ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ff79fbda86b111605e3f6776537a8c6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
expires: Sun, 28 Jul 2024 23:30:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 274ms
94ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 22:07:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 23:30:11 GMT

GET
H2 200 spa-detector.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 45ms
45ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: X8QqOe1snJKPaIDOeaMSNYiMxJgtu0Qu
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:11 GMT
x-amz-request-id: ZXM8KW3PRJZXQBSG
age: 140849
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: oTB80Ftn1d0Vew8UrxnuqMhvPrCHAQcO+X7YnDC752qQlOSvFS10ck9HQeRpNg3FweQv57aN0hc=
x-served-by: cache-lis1490025-LIS
last-modified: Fri, 28 Jul 2023 08:22:42 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690673411.341950,VS0,VE0
etag: "3e9c41a418b54e4c6ddf043af9a9362b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 50475

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 174ms
173ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A30%3A11.314&id=9449&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 175ms
174ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1690673411315%7D&tim=23%3A30%3A11.315&id=5246&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 174ms
173ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A30%3A11.317&id=7008&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 176ms
174ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1690673411319%7D&tim=23%3A30%3A11.320&id=5561&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9A2A 379 B
600 B 253ms
87ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3642b288dd6a377d32f199339971d6a27f1c4b1f253bd654ea248c98c603426e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame C6E1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169067...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

296ms
89ms

Document
text/html

18.66.97.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 70
content-length: 459
content-type: text/html
date: Sat, 29 Jul 2023 23:29:02 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id: 67R-K5hDucArmZYmyhv2RtCLgQ1EzxqkKhWxsFXvzoD9EPwiueh11A==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9A2A 15 KB
12 KB 133ms
131ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

b527a6d8f32639274e40dd89eb2233a610247cd58aeeceaea0c2f2f04f31966b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11860
x-xss-protection: 0

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
361 B 176ms
175ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=5906&lti=deflated&ri=3dc1a5f3894639571e4d4c167dccca66&sd=v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&pi=/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&wi=-7008556751684839847&pt=text&vi=1690673410611&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.546875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A30%3A11.359&id=1458&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 175ms
174ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=23%3A30%3A11.370&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7632&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 84853

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame ED79 379 B
318 B 245ms
95ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

928874e76760ef5d98f42455fa2a94a1698774f1bf6a71b28fcca3f0ddd2a6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 146E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169067...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

186ms
88ms

Document
text/html

18.66.97.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 70
content-length: 459
content-type: text/html
date: Sat, 29 Jul 2023 23:29:02 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id: K1ktRxujaFoQ0QuYCiEF_hm-vE9Iyy4InA8i8M8Q29OVcnto2ttfOQ==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ED79 15 KB
11 KB 128ms
127ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

8ef9352498db33c41e3bf33ee1f235d712b0fbea0738d92efaa3a3789aff5d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11578
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C211 284 B
934 B 367ms
81ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 94ms
93ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d9b83d3b884ccf817c0939817338b99f46ce90fdcdb69b76364304474668ddd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jul 2023 23:30:11 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2DBF 284 B
934 B 364ms
89ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 214A 284 B
934 B 354ms
86ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1862 17 KB
6 KB 145ms
144ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:30:11 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A2A 17 KB
6 KB 102ms
102ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:30:11 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame B4D5 0
268 B 283ms
282ms Script
text/plain 54.199.134.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.134.236 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-134-236.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ED79 17 KB
6 KB 129ms
128ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:30:11 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 991E 13 KB
5 KB 83ms
80ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:13:15 GMT
expires: Sun, 28 Jul 2024 22:13:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 20B5 783 B
1 KB 263ms
89ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

66966cdda82f6bad0c630ef2c4535e5b9d0f0dfa388e6591385df8ff99e903f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vx29ioefEyks4uzJWYqDUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-vx29ioefEyks4uzJWYqDUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
expires: Sat, 29 Jul 2023 23:30:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7365 13 KB
5 KB 83ms
81ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:13:15 GMT
expires: Sun, 28 Jul 2024 22:13:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 421C 783 B
740 B 253ms
91ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

8a2fca383e4485ceb88abcf711d2608be25d91dae8d1f587a6cbd7dfec2a6cee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WuqCJPs5wWxElNe2eRtv2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-WuqCJPs5wWxElNe2eRtv2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
expires: Sat, 29 Jul 2023 23:30:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 6513 577 B
503 B 92ms
86ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1690673411635&uv=3310&tms=1690673411635&abt=nonrv_vA!ufm_vD!ul3310_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=14e65e77-23f0-48ab-ba99-c290e4912873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5bf46228ce8838a9a40600288c6064527e4aa2905832976bc7030630b735f5c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sat, 29 Jul 2023 23:30:11 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490025-LIS
x-timer: S1690673412.664311,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D34F 439 B
534 B 265ms
86ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 70018b67b02eae709ab7b260cf6c71e9ac26e8eca0acdd2f5faf90c078f34cc9

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sat, 29 Jul 2023 23:30:11 GMT
machineid: 3401
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
730 B 623ms
616ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690673411640&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1536&pt=1473134321&tz=0&viewable=true&ddast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD!ul3310_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5770d0ab0f132c17e357c960ca4e6e0c48ea1cdb4136c2b032c84d99cffa40ef

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sat, 29 Jul 2023 23:30:12 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1309
x-cache: MISS
x-served-by: cache-lis1490025-LIS
pragma: no-cache
server: nginx
x-timer: S1690673412.670372,VS0,VE571
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 263ms
86ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&cmcv=&pix=31589837&cb=1690673411634&uv=3310&tms=1690673411634&abt=nonrv_vA!ufm_vD!ul3310_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1690673407228.8!ts:1690673411634&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:11 GMT
content-length: 0
server: nginx

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 89ms
88ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=5129&cid=777882252.1690673412&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690673411&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&dt=%E9%9F%93%E5%A6%9E%E9%83%BD%E7%98%8B%E8%B2%B7%E7%9A%84%E6%8A%97%E8%80%81%E5%B0%8F%E9%87%91%E7%93%B6%EF%BC%81%E8%B6%85%E5%A5%A2%E8%8F%AF99%25%E7%B4%94%E9%87%91%E7%AE%94%E7%B2%BE%E8%90%83%E4%B8%8D%E5%88%B02%E5%8D%83%E5%B0%B1%E8%83%BD%E8%B2%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AA0B 13 KB
5 KB 82ms
80ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:13:15 GMT
expires: Sun, 28 Jul 2024 22:13:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1EB1 783 B
737 B 190ms
92ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

8304b68f4fe9b28858722c2e87a9c210aa341ecbf7cffbaebf5efdf69a04845e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7o8wn7SNeF5vUtR_dS09Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-7o8wn7SNeF5vUtR_dS09Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
expires: Sat, 29 Jul 2023 23:30:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36CD 13 KB
5 KB 82ms
80ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:13:15 GMT
expires: Sun, 28 Jul 2024 22:13:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AB9C 783 B
739 B 179ms
92ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

19a8427a46498d5620768dfcf25d44b04415c8590e9213054e5702ab4d5b08d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tk83VUKvyqkPnwkPUANLNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-tk83VUKvyqkPnwkPUANLNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:11 GMT
expires: Sat, 29 Jul 2023 23:30:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 991E 37 KB
14 KB 82ms
82ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 7365 37 KB
14 KB 83ms
83ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 6513
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3

0
69 B

155ms
154ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1690673411635&uv=3310&tms=1690673411635&abt=nonrv_vA!ufm_vD!ul3310_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=14e65e77-23f0-48ab-ba99-c290e4912873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 110
date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 varnish
x-served-by: cache-lis1490025-LIS
server: nginx
x-timer: S1690673412.445173,VS0,VE110
x-fastly-to-nlb-rtt: 115389
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 6513
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Uh20KoRE2oREqWa9q_tJ8V8mj0oPRdPNSTLwTg--~A

0
230 B

87ms
86ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Uh20KoRE2oREqWa9q_tJ8V8mj0oPRdPNSTLwTg--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1690673411635&uv=3310&tms=1690673411635&abt=nonrv_vA!ufm_vD!ul3310_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=14e65e77-23f0-48ab-ba99-c290e4912873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38334

Redirect headers

date: Sat, 29 Jul 2023 23:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Uh20KoRE2oREqWa9q_tJ8V8mj0oPRdPNSTLwTg--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4241 281 B
554 B 90ms
89ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1690673411635&uv=3310&tms=1690673411635&abt=nonrv_vA!ufm_vD!ul3310_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=14e65e77-23f0-48ab-ba99-c290e4912873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 23:30:11 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame AA0B 37 KB
14 KB 82ms
82ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame C211
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKONAPI4-1V-23ZR
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKONAPI4-1V-23ZR

35 B
266 B

446ms
150ms

Image
image/gif

162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKONAPI4-1V-23ZR
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
connection: close
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKONAPI4-1V-23ZR
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 36CD 37 KB
14 KB 82ms
82ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame 214A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKONAPIE-1N-AKGT
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKONAPIE-1N-AKGT

35 B
266 B

459ms
162ms

Image
image/gif

162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKONAPIE-1N-AKGT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
connection: close
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKONAPIE-1N-AKGT
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H2

200

rubicon.gif
sync.logly.co.jp/rtb/ Frame 2DBF
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly&khaos=LKONAPIE-1N-AKGT
https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKONAPIE-1N-AKGT

0
268 B

287ms
286ms

Image
text/plain

54.199.134.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKONAPIE-1N-AKGT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: H2
Server: 54.199.134.236 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-134-236.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:12 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKONAPIE-1N-AKGT
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4241 34 KB
10 KB 97ms
96ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Jul 2023 18:46:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69395
Connection: keep-alive
Content-Length: 10114
Expires: Sun, 30 Jul 2023 18:46:46 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame C211
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aWk-6GTBRRq1GXaGLsp3ZA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aWk-6GTBRRq1GXaGLsp3ZA

43 B
479 B

94ms
94ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aWk-6GTBRRq1GXaGLsp3ZA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 23:30:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D1NS7CV0G6H9T3JQWSHE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aWk-6GTBRRq1GXaGLsp3ZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C211
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/EivRwdpqK2bj9QF8a5incsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-H2W9kO9E2oIW7c6O.tJykRXABVxHfnfpYUgauQ--~A

42 B
691 B

90ms
90ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-H2W9kO9E2oIW7c6O.tJykRXABVxHfnfpYUgauQ--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 29 Jul 2023 23:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-H2W9kO9E2oIW7c6O.tJykRXABVxHfnfpYUgauQ--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C211
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RfEOt-TDR_i6gUDLw7NuGw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RfEOt-TDR_i6gUDLw7NuGw

43 B
479 B

160ms
160ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RfEOt-TDR_i6gUDLw7NuGw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 23:30:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N7VW8GMCE14DA88VXA0Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RfEOt-TDR_i6gUDLw7NuGw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C211
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM01B3vUR8QF5iuLnhV4k5o&google_cver=1

42 B
691 B

534ms
85ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM01B3vUR8QF5iuLnhV4k5o&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM01B3vUR8QF5iuLnhV4k5o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C211
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBjYTViM2YyYTFjMzhiMzU4Y2Q4MWNjZWVjNjlmZTA3ODk4NWM0Mw

170 B
409 B

159ms
88ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBjYTViM2YyYTFjMzhiMzU4Y2Q4MWNjZWVjNjlmZTA3ODk4NWM0Mw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBjYTViM2YyYTFjMzhiMzU4Y2Q4MWNjZWVjNjlmZTA3ODk4NWM0Mw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame C211
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKONAPIE-1N-AKGT

0
514 B

588ms
243ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKONAPIE-1N-AKGT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 397D89BBBA234293BDFDFDDD32A72EB6 Ref B: LIS01EDGE0408 Ref C: 2023-07-29T23:30:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBqJQvKxAQ2meqR6AWQg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKONAPIE-1N-AKGT
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C211
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

416ms
85ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C211
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtPTkFQSUUtMU4tQUtHVA==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN8lOIURU-slXrCNARjdw7c&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPTkFQSUUtMU4tQUtHVA==&google_push=

170 B
232 B

89ms
88ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPTkFQSUUtMU4tQUtHVA==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPTkFQSUUtMU4tQUtHVA==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D34F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3

0
191 B

155ms
155ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 110
date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 varnish
x-served-by: cache-lis1490025-LIS
server: nginx
x-timer: S1690673412.446314,VS0,VE110
x-fastly-to-nlb-rtt: 109022
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D34F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qVQawWhE2oQhsqdBGUlspfSEWI4WJhjn3IG2xw--~A

0
230 B

88ms
87ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qVQawWhE2oQhsqdBGUlspfSEWI4WJhjn3IG2xw--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38334

Redirect headers

date: Sat, 29 Jul 2023 23:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qVQawWhE2oQhsqdBGUlspfSEWI4WJhjn3IG2xw--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame D34F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-lfU0e.dE2uE8itS3qaYMgEzBEVchmSL.~A&gdpr_in_effect=0

0
229 B

99ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-lfU0e.dE2uE8itS3qaYMgEzBEVchmSL.~A&gdpr_in_effect=0
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38330

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-lfU0e.dE2uE8itS3qaYMgEzBEVchmSL.~A&gdpr_in_effect=0
date: Sat, 29 Jul 2023 23:30:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 20B5 0
0 115ms
114ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307260102&jk=723149755665328&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 421C 0
0 114ms
114ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=1020427057196935&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 146E 31 KB
10 KB 3239ms
99ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 19:02:54 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 16041
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sun, 30 Jul 2023 19:02:54 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame C6E1 31 KB
10 KB 3244ms
105ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 19:02:54 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 16041
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sun, 30 Jul 2023 19:02:54 GMT

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 4241
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LKONAPIE-1N-AKGT
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKONAPIE-1N-AKGT&gdpr=0&us_privacy=1---

0
230 B

84ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKONAPIE-1N-AKGT&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45583

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKONAPIE-1N-AKGT&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c52bde874ac36e8646ae455e9e84952e
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AB9C 0
0 114ms
114ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=2230691468345996&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1EB1 0
0 114ms
114ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=4501279463096579&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 991E 0
10 B 77ms
77ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_3a4VQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AA0B 0
10 B 77ms
77ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SJ0leA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7365 0
10 B 77ms
77ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d7dhhQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 36CD 0
10 B 78ms
77ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RTsmOg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
422 B 221ms
221ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=5906&route=HK%3AIL%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 131
date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 109554
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490025-LIS
pragma: no-cache
server: nginx
x-timer: S1690673412.255855,VS0,VE131
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_1_0/infra/ 889 KB
148 KB 404ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_0/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690621720
date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: T6WD49DKH7211X8Z
age: 51551
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690621721
x-amz-meta-mode: 33188
content-length: 150941
x-amz-id-2: J8zhtszAc+yDAKt/iGja7cYdISIErVB4CQQBwXfxbM5NFwg3Waxrhta3yR14sfz2MgQuul9N84E=
x-served-by: cache-lis1490048-LIS
last-modified: Sat, 29 Jul 2023 09:08:42 GMT
server: AmazonS3-br
x-timer: S1690673413.648314,VS0,VE0
etag: "2653a0c8d7fe85b3a9f7075f29ed0624"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2242

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_1_0/assets/css/ 60 KB
8 KB 46ms
45ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_0/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690621740
date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 8XDVFSBWNQGG49GW
age: 51555
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690621740
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: gnZxZJGLnINA0VOdzxiLt2d9veItMYU98Mf7eisURgw5MRbkwFCvdUgkG0na9RzGHi5kho7Rwhg=
x-served-by: cache-lis1490025-LIS
last-modified: Sat, 29 Jul 2023 09:09:01 GMT
server: AmazonS3-br
x-timer: S1690673412.290691,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2933

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
740 B 45ms
45ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 11223
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490025-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1690673412.392812,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1178

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BEBF 0
0 118ms
118ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307260102&jk=723149755665328&bg=!MDOlM2fNAAZGOVy5Zjk7ADkAdvg8WmT4uDOSRHBd_c0_kRxZW5gQiGaHOPwJafX7O7g_nnXiypR6kqlKIyGgA81qIsPaQxHbfZECAAABNlIAAAAHaAEHCgAKR_BakQjWr_lGIpkCv9ToFn6N-zkDs4oJW2UPJNcgbo-sHga7JpSawzZsARHXCcEcmn7-b19o0jB9tZ6d-kFn0wav7PLpqlfw9ax0WWpNdqs-91yA6AC6oqjE9C6nIazp_EYNWQ8NnjCW7Xt8AVNgG3yo1BAXG58Q-IIt_SrPGbvjPgQQmz2L9weLxdnDKgBfIhlptmUbZPN5WgVa8ko6mkfoqaoPTRCG0sSxQw1H1Enm5iP4QnjfcMMl9blC9TjTAAOKoe5diOnwEE3TsOqRqS-CX7lm_xn7p1Z3-4K99qFqOvCyQA1IRtWaafel-50MHtgheH5g3rzghWazz2nHpSSftt2ghpBNvICqu12ZjXxdP1d9nuQhCtpNm1oKL_x_oxStHjDHxKM4YQHwS6eC0kGBpk7hNEizOBN1gz2PiQCVgSFTIr4tMDpgeUM9OG0C-IpDE7n6POAW2kq8CBMT6GVP_umcZ4zvZFDqIo6x3wxEdczR-GKNtO-4GXvDwvjfXOWIsaqyWtjsIjXRRuzdOXNLoYeCcaHEqhQ3CfytSvpDFXLxKMbUPIdYv-2KQtuYPez67nSTuNo1iQXazuzjCyJRwnP8Poea9298dixKBGCkorJwghbePef6Lm_9mkWdbryfHPHR9iGml-nzuCdGOFWNnFiO55_eYCrSnzdP-2aN4wAxFqGavBLLMVnVSftcyDAB6VWSeWZU_FGfc81PUe4_mAO5d-QXkgkx2jbNltknst8MjTyFHteQTrnu8HlYms6kfY-gSwEQioB_UMGPu3b-U4AmFYZzK2OaoLRtwpvXG8Bjl40JkB-BArfaKittCluDsJ34RSwH4YIfuZS1J3Dd66KZYhuDVBY-AcksmwAIFsULTvi4z6wUum_72HEvqfz-_6r6DfFtqt_extzEkh2dZ8SdbGqXyZWUUnt_oGOCg3j3TclbIJ59Yv0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1862 0
0 117ms
116ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=4501279463096579&bg=!wsGlwZXNAAZGOVy5Zjk7ADkAdvg8WhzGVUy_8gP_T6zFc6I1DyReaPg4PmTP-cF2cmI2woS7soCND2x1VKkf-2SMBnewZO75AvECAAABMFIAAAAGaAEHCgAsn-93KF_iUo_o6iJDua8lkUGtHWWxCz4e7Yr15kzE2rMwSHul0XO7plutZ3uZAs4qinOTq8neWd2WFdxG45LP1JcnqBK-ZiXs3P0htS0VjombXeaSYR1hjOAP9cpNEl64ZCSRmwPN6DAJfVvjf84YbZffn0MuD_BiN2eEvEnrJnizWq1-UhuM47mFu8-Pqv_QzcJOOwy7wUDeDu9XkvNmcdiGKNBecdQoVsmriX7UnZrZoI66zQFtZ9WIfaQOH4fgn_khr9jsms_EmUIJy1wWOAd7OrmbOEtkMGTCkm9kwjqojyniRoPHB7xszHcsofUmFuC8oms6wV6197abS9tEY5ej0GVic70s7LD2xQrd7ARw1VDEOfNTWgTUU-fnF5DPu_X5BEmLXMBCROsvvksZ1FKJyisj6Oqzm5xujmBwKX_RB0OXUzqI1rm7kogFgriCDrDTzj6AlX4d71goRGM_kwtKcG2N3NGBBPuSZDXcDc9e4Vt7D8pHPSrBvrnq9Zq6-kCbax8AWzOADJe3ykvrfBt6knWJ87hfjBBEugd7qIwMvtZy6vMmgOMUoTHbVR31KCZzEgxl7bXZeb6vNxTvYq7ppQeqr8Tx_CLWpKCYk9flI5NSELeYpU0F3Jdu62Q1wYrq_83QAMVrUr1SE2GloqLzbmwcox6aQMdd8G3Jr5lpilvdc1uflr5KSJShq5Fme97Y2N3ekBLwuXkNh6aBFlLZOrl3_EvtlJ51KKw3EsYGEZC1TGDidqzmgVJSYaxP6mk0Db5Z4nq4JDGIiFmzu3OI0D8NuXH492fO8HHXDLJzw00st8a_lUmui1fuL9Ml7-1SywruIacKlXskSIAXgVIW_Yr3mZfD8sDowQrNCJsRh_iNq5xQBtJxHdQC7Ge7czVLuiWI1eXj0_2JWQbOLYFTMturMDy-7NN9su7S8EpOnY8Yr34YF451L50nERUyob7i1UikoTz0Md1N4_A6Q1g2EWonylY34tCk3GC3zZGyNLJ7_Hc8UtKugg23
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A2A 0
0 117ms
117ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=1020427057196935&bg=!j4yljNjNAAZGOVy5Zjk7ADkAdvg8WoHLgffKNqP3kt5PR8utniIs-Nim10n0TPtVgmoBcTXj7xoDkMrv1Fw9q8EIPbQhq3G3gQYCAAABZVIAAAAIaAEHCgC3d5SpdiMibfvzrY5VBOkv-40x8jCsaoOkDb029XkvivsJLOMgK17kVDUzUporNCtQzIqILOxV_Rx3x-hG3AG8TjGMtN30NYIED3UR2-X9w82ldUwFOyEAExMahLW5wTIxYzqjLXdg4otAozNNf10raCiTgknKdVtmptwJ2Xsmb0XHzT9-Gdpf1Lyi2q7g6Eoy_iZtB1q8St-H8Unyz6UtF2At21K5t3eo-DsLGf3t7xsIs6ohcsJBmQK-nW0qtuu0QJ3v3LmDuXIH6MHpzSnqTNMfrL5304aWIQq6gpZ9oESd2kh8q3k6dLFnSArn8ZZxK0ccGQvBRx6ljEb_j8OIYkjC-7x2hOJF7uTgcOKomQdJu8yvKGI2jXYR2zZVCa_R9b5DWuKsW2m4PfKY9A5D2kVThgU5LlkjzdgxyU6faCLEDLn-ihlEagDwsxuODCT_N3eGxaE9KsgGmyp7X6JEFkqid4bkWMV4V0Iq3w8I1EGkkZK6pNqcDdSH-R793HIcAxYWcfeDzwxzgZhz5_cKmCe933tMnyIyx_fQtgYPBnYWj1nwT7cAvXPwJXWCDHaUvTTlWfcXZUDGf0PTyMhNzOBmHL1H11kd62p7e-TVvYgBPteJpjyMoWBFpShmrTUJrZxIjX1nW_E-2c0LemwhnZOOmJDh2kpb3QE5iwtUjvldDpr4Q9chgHUW85sj64YdijZHt1Nv1B9WkfgtSC-_mVRtWpuSRxkFuytl8bObn9afctmjgubcRSMHiHD4FYSvsiwahotjFUZMI7WyD-li4Ks7MDIMzmLmjYGFX5bkKphTdJZVA12GxPHxOd-gIvghi63dAxqX5dRZr6f4RkGh9WHho1VqUI8u5DSNGLFvIgedGTI37K_drskAvQRyjMcOOna7EFhQgD009_Bsw7UgRlcogh3OE0JVKszRJ5gkx0xCXLWXMUyltIppDpAbjlkeyJyTr7Bv5rjpw9h97ahCgkYQRSWVIm5Y5a9M00fhDxTktzYDMjcKLHO6hNUY46KNvRVpi_KbsMGkyoxI7oODcRnHAd-XYCoag2RJ37fELtERtVllkA-3lHmESNT-Ri81Jud9EEEmEiXPfFxdWn_yOagou19OgDZFE31JrmgSspKHLeUEkHEy-gZOVT1WDdEH4b7Jdkg8LkCmyNSjylYl9iFI0vm3M9Ob
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED79 0
0 117ms
117ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=2230691468345996&bg=!PT6lPmrNAAZGOVy5Zjk7ADkAdvg8WnzjaordPNR-JAo4AgOlXJzbpwXdjD1VqHXtiOS7dBr7yxLNk98ftHsU6XwkwXRVihz4FqgCAAAAxVIAAAAHaAEHCgCvDBI4it-iy6F7vCbAUEvae0fRVjnycjtHKTBRZhG_fkuOYx7Ru92tVubg_neJ8Xasau0xynkXCkho3Yq1nUUOPpXg7ZRDtlqnzoxmJ8OVnRK589jarL-LGdas3EqQ-MkKDaRVWCjYnmI5vZ4OWDgeA9VS0PWxiHmHM0SsSCXU34ixWbkgYkbtOTRE-K55rHKuGEoi32U25IDndoGUNYV2BW62ULn6cPOPzmLH4ZNlnJkCuA0af2Mi8kXMLv7jnQ3ST6hcOhCHtzKapYC-rgwU5jydbj4vZdFHPxCJzm62bwftWlBmMH-rfHRxhC6YoCr9w2H9OTZQg_iqUMiPJm_LyXFrReCx5M2nK_wcyQdZuARzUBjJ6bVwvW7ixL-nFTkrA631xc8x5kpUR3lGLGeWk7TNevLvu3Ub5Sp5aTonWDxtmdYz5JzZ3IQ5aRXB_am4UOQGcDanlPdV8fkeTFOG9Oo6eR5RJPcznGoMUiUWekCrX7H8e_BLpZ9CG943GuIkCZzK9ck4P2oSS29GvUAAhkZOLYKF3N-CV3NM7AuvrxxTNrI0iSLtRZhuFYDRLNhc30ECdaxR433aW0PPBEw4AIwPgUKY4M7sNJTUq07dHthGm8Tw2AtJXKMctAccknymXU8DYsn_AAA96M_le2SnU00q5DEzn2DGevj43G1lRDkMZV3NF28270HwxFlGlFRMbtsNf5AY6JuBitnnR8WNFeAEvITIinsZxE41lLbVY_wxzxhbM3U241LDvuuNPhQfEm_n4aQQU59Z-Kf1AgfUFkXGzLxXqltXk_ZoKeRhdnKSYpUATV6nG4s3sF9JdMKlZbSMFKi5-nM9tcfGD7ox55p4DkocFzHHu0cHAaJvvyMM4SBiL6HqVJehgUMW7gnLb7jmE2HA9CBP75XuDl1gErnuMQVmBaIqcE9hyStAO0nnvPUj0yRv1RPAPWwpYapERUAUEBOSDWh8qzUwpa7Gp_vbd6-u5AkB7F-_WAwq2XIHLb9EB_z2RkpYri9siKoKAvy6IcSprmxo52azWLhP66vrrEMVJD2IToecmZLzK1nTQsHv3V7XApV4PnX0EZX6tLoy3635-2_5qh44m35Cp089Yrkvqyvtu5MEpnm05-NKj2E5tm0ouIsdoQJeg6PSnLR5ctgbBMnMPQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 45ms
45ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 1512936
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490025-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1690673413.922315,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 209620

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/ 446 KB
84 KB 46ms
45ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690439347
date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: A3N10TATEMVHA5QR
age: 233984
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690439362
x-amz-meta-mode: 33188
content-length: 85839
x-amz-id-2: YpLsidS2POsIKt23Ufq53o+kIa+03QWIhvzNyWX5RqYAx9tb3V1X7ZUuAJ8mMhdUUbsPS9EPyeA=
x-served-by: cache-lis1490025-LIS
last-modified: Thu, 27 Jul 2023 06:29:23 GMT
server: AmazonS3-br
x-timer: S1690673413.948770,VS0,VE0
etag: "b33cf048d4d632bd93b30c09e2201e4c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 79355

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 892E 549 B
643 B 85ms
85ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_0/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 2f703396a36036cca8260b20715fdafb7650e07a48d5b8b2324651e06aa99945

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sat, 29 Jul 2023 23:30:12 GMT
machineid: 3407
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 85ms
85ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&cmcv=&pix=31579697&cb=1690673412929&uv=3310&tms=1690673412929&su=3&abt=nonrv_vA!ufm_vG!ul3310_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:12 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 48ms
48ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Sat, 29 Jul 2023 23:30:12 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 1107573
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490025-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1690673413.989723,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 364307

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 892E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-G963yjJE2oSO9Dnkmv2SPjAIolyT1746gCSqgQ--~A

0
230 B

84ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-G963yjJE2oSO9Dnkmv2SPjAIolyT1746gCSqgQ--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38484

Redirect headers

date: Sat, 29 Jul 2023 23:30:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-G963yjJE2oSO9Dnkmv2SPjAIolyT1746gCSqgQ--~A
content-length: 0

GET
H2

200

sync
x.bidswitch.net/ Frame 892E
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526916689554&expires=30&ssp=taboola

43 B
145 B

88ms
88ms

Image
image/gif

52.58.132.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526916689554&expires=30&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 52.58.132.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-132-185.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526916689554&expires=30&ssp=taboola
Date: Sat, 29 Jul 2023 23:30:13 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C355 281 B
554 B 88ms
87ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 23:30:13 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 0FD5
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMWhBsCo8X8AAGiM908AAAAA

0
230 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMWhBsCo8X8AAGiM908AAAAA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:15 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 46367

Redirect headers

X-SO-Cluster-ID: 0
Date: Sat, 29 Jul 2023 23:30:14 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZMWhBsCo8X8AAGiM908AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad312"}
X-SO-Key: ZMWhBsCo8X8AAGiM908AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad312
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMWhBsCo8X8AAGiM908AAAAA
Cache-Control: private
X-SO-HostName: m-ad312.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 7
Content-Length: 0
X-SO-LB-Hostname: m-tgng27.dc4p.scaleout.jp
X-SO-IP: 91.205.230.195

GET
H2

204

/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=de9a9db16baa410589...
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=de9a9db16baa4105894834d7a1b4318a

0
221 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=de9a9db16baa4105894834d7a1b4318a
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45361

Redirect headers

location: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=de9a9db16baa4105894834d7a1b4318a
date: Sat, 29 Jul 2023 23:30:16 GMT
content-length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 0FD5 0
45 B 3352ms
123ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:15 GMT
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKONAPIE-1N-AKGT

0
230 B

88ms
88ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKONAPIE-1N-AKGT
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38683

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKONAPIE-1N-AKGT
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682?gdpr=0&gdpr_consent=&us_privacy=
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qVQawWhE2oQhsqdBGUlspfSEWI4WJhjn3IG2xw--~A

0
230 B

94ms
93ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qVQawWhE2oQhsqdBGUlspfSEWI4WJhjn3IG2xw--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38683

Redirect headers

date: Sat, 29 Jul 2023 23:30:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qVQawWhE2oQhsqdBGUlspfSEWI4WJhjn3IG2xw--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://trace.mediago.io/ju/cs/taboola
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1d4c2e5365ae60d2c71ef0acf9e99098

0
230 B

89ms
89ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1d4c2e5365ae60d2c71ef0acf9e99098
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 43200

Redirect headers

location: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1d4c2e5365ae60d2c71ef0acf9e99098
date: Sat, 29 Jul 2023 23:30:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
content-type: text/plain; charset=utf-8

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEF521Bvv77Petg2-UnZHv-0&google_cver=1

0
287 B

157ms
157ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEF521Bvv77Petg2-UnZHv-0&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 109
date: Sat, 29 Jul 2023 23:30:13 GMT
via: 1.1 varnish
x-served-by: cache-lis1490025-LIS
server: nginx
x-timer: S1690673413.195922,VS0,VE109
x-fastly-to-nlb-rtt: 109210
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEF521Bvv77Petg2-UnZHv-0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 0FD5 42 B
245 B 279ms
84ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682:$UID
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 29 Jul 2023 23:30:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0FD5
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682

170 B
188 B

91ms
90ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682
date: Sat, 29 Jul 2023 23:30:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38333

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3

0
65 B

154ms
154ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 109
date: Sat, 29 Jul 2023 23:30:13 GMT
via: 1.1 varnish
x-served-by: cache-lis1490025-LIS
server: nginx
x-timer: S1690673413.221920,VS0,VE109
x-fastly-to-nlb-rtt: 109599
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1a1d79da-b3ca-4219-8dfa-f621d9f1afd3
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 0FD5
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

43 B
696 B

85ms
85ms

Image
image/gif

216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: HTTP/1.1
Server: 216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 23:30:14 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 23:30:14 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 0FD5 49 B
882 B 1300ms
89ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: pt-PT
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-848647674d-jtjl4
expires: -1

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 0FD5 43 B
596 B 3348ms
119ms Image
image/gif 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Jul 2023 23:30:16 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f49b2176-dfad-4a3f-8af9-c8bcf9d40a53

0
230 B

92ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f49b2176-dfad-4a3f-8af9-c8bcf9d40a53
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 40692

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:13 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f49b2176-dfad-4a3f-8af9-c8bcf9d40a53
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 905649
content-length: 0
expires: Sat, 29 Jul 2023 00:00:00 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/464/ Frame 0FD5 43 B
1 KB 510ms
85ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/464/9.gif?puid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 29 Jul 2023 23:30:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

sync
x.bidswitch.net/ Frame 0FD5
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=c9fc9385-41ce-410e-9241-f4d9908c306c&gdpr=0&gdpr_consent=
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=c9fc9385-41ce-410e-9241-f4d9908c306c&gdpr=0&av_tc=True
https://x.bidswitch.net/sync?dsp_id=352&user_id=f536dcbb-fb28-4abc-87f8-adf09cc502d0&expires=15&ssp=taboola&bsw_param=c9fc9385-41ce-410e-9241-f4d9908c306c

43 B
145 B

88ms
87ms

Image
image/gif

52.58.132.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=352&user_id=f536dcbb-fb28-4abc-87f8-adf09cc502d0&expires=15&ssp=taboola&bsw_param=c9fc9385-41ce-410e-9241-f4d9908c306c
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 52.58.132.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-132-185.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=352&user_id=f536dcbb-fb28-4abc-87f8-adf09cc502d0&expires=15&ssp=taboola&bsw_param=c9fc9385-41ce-410e-9241-f4d9908c306c
date: Sat, 29 Jul 2023 23:30:13 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 0FD5
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7879e9fe-1260-4b1a-a6a1-bb04362e3e3c
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7879e9fe-1260-4b1a-a6a1-bb04362e3e3c&tbid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&query=taboola_hm%3D7879e9fe-1260-...

0
78 B

556ms
549ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7879e9fe-1260-4b1a-a6a1-bb04362e3e3c&tbid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&query=taboola_hm%3D7879e9fe-1260-4b1a-a6a1-bb04362e3e3c&isDirect=0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 29 Jul 2023 23:30:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1690673414.176129,VS0,VE498
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-lis1490025-LIS

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7879e9fe-1260-4b1a-a6a1-bb04362e3e3c&tbid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&query=taboola_hm%3D7879e9fe-1260-4b1a-a6a1-bb04362e3e3c&isDirect=0
date: Sat, 29 Jul 2023 23:30:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44677

GET
H2

200

sd
u.openx.net/w/1.0/ Frame 0FD5
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&gdpr=0&gdpr_consent=

43 B
180 B

77ms
76ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&gdpr=0&gdpr_consent=
date: Sat, 29 Jul 2023 23:30:13 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

xuid
eb2.3lift.com/ Frame 0FD5
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

37 B
353 B

111ms
111ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 29 Jul 2023 23:30:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date: Sat, 29 Jul 2023 23:30:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 0FD5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=140
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM

0
221 B

87ms
87ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42593

Redirect headers

Location: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM
Date: Sat, 29 Jul 2023 23:30:14 GMT
Connection: keep-alive
Content-Length: 119
Content-Type: text/html; charset=utf-8

GET
H2 200 sync
t.adx.opera.com/ Frame 0FD5 35 B
467 B 246ms
78ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60151&uid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , South Africa, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:14 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=cd9eaee5-c140-4081-bd9a-8ddd94675949

0
230 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=cd9eaee5-c140-4081-bd9a-8ddd94675949
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 43895

Redirect headers

date: Sat, 29 Jul 2023 23:30:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=cd9eaee5-c140-4081-bd9a-8ddd94675949
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame 0FD5
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=&redir=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&0&&us_privacy=&redir=
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=2013d632-b292-4f99-82ec-b5486bb0488d-64c5a106-5858

0
230 B

84ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=2013d632-b292-4f99-82ec-b5486bb0488d-64c5a106-5858
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47512

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:14 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=2013d632-b292-4f99-82ec-b5486bb0488d-64c5a106-5858
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 47ms
45ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:13 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 2462
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490025-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1690673413.103984,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 19
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 3340

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
412 B 47ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:13 GMT
x-amz-request-id: G0B8B06BNHR34ZN2
age: 3163
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: hmZamERHDmM7HPGheDgTxfCBlpKmrNgKchCV6gu3wwlGqanZsZGHuPiLEz/LgMvPa3DA8G+4Cxo=
x-served-by: cache-lis1490025-LIS
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-timer: S1690673413.103964,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 56
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2462

GET
H2 200 eidf.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 47ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eidf.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 23:30:13 GMT
x-amz-request-id: J5K710VF90255GNC
age: 5833
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6467
x-amz-id-2: DH/pchBgnxSXENNBa2oaAs0ZM/x/Bpa5vBCgyzpf4YXE9oXnMromC9TPSgWfIZ6toSs0ZNd4M8Y=
x-served-by: cache-lis1490025-LIS
last-modified: Sun, 02 Apr 2023 13:49:08 GMT
server: AmazonS3
x-timer: S1690673413.104080,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 5
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 3276

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C355 34 KB
10 KB 96ms
96ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Jul 2023 18:46:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69393
Connection: keep-alive
Content-Length: 10114
Expires: Sun, 30 Jul 2023 18:46:46 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 52ms
45ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490048-LIS
date: Sat, 29 Jul 2023 23:30:13 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 444ms
140ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 29 Jul 2023 23:30:13 GMT
cache-control: no-store
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
832 B 633ms
633ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690673414224&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1536&pt=-835954448&tz=0&viewable=true&ddast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ul3310_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 438675b841a4e8e3b881d98bc9fc4a2b4468453c992572a5837e1085b0fb3c98

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sat, 29 Jul 2023 23:30:14 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1308
x-cache: MISS
x-served-by: cache-lis1490025-LIS
pragma: no-cache
server: nginx
x-timer: S1690673414.247241,VS0,VE587
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 146E
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

57ms
57ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12000
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0GTFb9l0pnbSBh1qzIfG%2FaKAxZGYgJO1IQWvOxatv1SP7nx3IiT%2FatTqtGlYD4ZBGs6UpE1wCgpHfZ3EV9HjK2SshSxihJl2SQ1JUm3a4%2Fl1uf%2FXlSA%2F%2FawgcCn0jvNuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee92611486894fa-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame C6E1
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

119ms
119ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12000
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI1C3vcOuc6K%2F9FzMy5Y%2F1xeKRHqRX81ibfU3S9%2B%2BUAHH4REQa%2BaogP3xXaGRWgXP7yLuNa%2Fek5kwEgbr4xH9587X%2FO8STP5yyIf7rxJByk3KcwXjXN6FB2waUcpIPemxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee9261178c894fa-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 146E 975 B
750 B 61ms
61ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11789
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTGqvIEP9ORyF8LbYr4RBF4pS3XVyMH0k5wnJYpWisEj6t6q1LN6FFAUi0CIY8ixFKVSCSn1iq85K0zVHv6FKwMX%2B08q3xXkiBvh05VaEjak%2BCJg7xxn%2F97COVbX10frTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee926123a1594fa-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 146E 661 B
1 KB 508ms
206ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.24140532547742977&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:16 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame C6E1 975 B
750 B 54ms
54ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11789
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ozh5ZzV5rrNl%2BxoOH6iFYaF3vTHygfkQGRioDZ7e72LCJWCGliqfJcqnfsmAjxyM7EpJkWUzccRj8L91whjczbop%2BtUYWDav7kTvi1R1%2BTSwo1iR%2FEN3OnKg%2BNcubYe2QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee926127a8b94fa-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame C6E1 661 B
1 KB 465ms
168ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6636087543428115&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:16 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
X-Adtype: html
Connection: close
Content-Length: 661

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 90ms
89ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5129&cid=amp-ICTyN5AVg_5yKv9jhzzVfw&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&dr=&dt=%E9%9F%93%E5%A6%9E%E9%83%BD%E7%98%8B%E8%B2%B7%E7%9A%84%E6%8A%97%E8%80%81%E5%B0%8F%E9%87%91%E7%93%B6%EF%BC%81%E8%B6%85%E5%A5%A2%E8%8F%AF99%25%E7%B4%94%E9%87%91%E7%AE%94%E7%B2%BE%E8%90%83%E4%B8%8D%E5%88%B02%E5%8D%83%E5%B0%B1%E8%83%BD%E8%B2%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1690673410&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=8884&epn.domain_lookup_time=8&epn.tcp_connect_time=525&epn.redirect_time=0&epn.server_response_time=1249&epn.page_download_time=3&epn.content_download_time=1818&epn.dom_interactive_time=1818
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 82ms
82ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E9%9F%93%E5%A6%9E%E9%83%BD%E7%98%8B%E8%B2%B7%E7%9A%84%E6%8A%97%E8%80%81%E5%B0%8F%E9%87%91%E7%93%B6%EF%BC%81%E8%B6%85%E5%A5%A2%E8%8F%AF99%25%E7%B4%94%E9%87%91%E7%AE%94%E7%B2%BE%E8%90%83%E4%B8%8D%E5%88%B02%E5%8D%83%E5%B0%B1%E8%83%BD%E8%B2%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-ICTyN5AVg_5yKv9jhzzVfw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=8884&dns=8&tcp=525&rrt=0&srt=1249&pdt=3&clt=1818&dit=1818&a=5129&z=0.088816166557111&gtm=45De1110&t=timing

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 15:28:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28919
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7138 80 KB
27 KB 93ms
92ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

78722349964284aab4c3195e515667bc1f52a05338b3cdd38f51ebbb95854e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
server: cafe
etag: 529 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:16 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8CE1 80 KB
27 KB 108ms
108ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

26cdab50997e97f7d1ef0a355efcef20e323b0acc6e485b516fca024b55b81cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27652
x-xss-protection: 0
server: cafe
etag: 422 / 19567 / 31076566 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:16 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame 7138 386 KB
123 KB 79ms
78ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4978
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 22:07:18 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/ Frame 8CE1 387 KB
123 KB 81ms
81ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

aecbcd81ab4ba067ecfc856682cb5d34b2249db6564ae0e4f3f23422b734dc31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 09:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51971
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125612
x-xss-protection: 0
server: cafe
etag: 13662757064411976442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 09:04:05 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 89ms
88ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=5129&cid=777882252.1690673412&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690673411&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhan-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html&dt=%E9%9F%93%E5%A6%9E%E9%83%BD%E7%98%8B%E8%B2%B7%E7%9A%84%E6%8A%97%E8%80%81%E5%B0%8F%E9%87%91%E7%93%B6%EF%BC%81%E8%B6%85%E5%A5%A2%E8%8F%AF99%25%E7%B4%94%E9%87%91%E7%AE%94%E7%B2%BE%E8%90%83%E4%B8%8D%E5%88%B02%E5%8D%83%E5%B0%B1%E8%83%BD%E8%B2%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7138 27 KB
12 KB 122ms
121ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3407729655199211&correlator=3124009143037875&eid=44797785&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690673416767&lmt=1690673416&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=hv08xyttdmdo&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1682568085.1690673417&ga_sid=1690673417&ga_hid=1631340156&ga_fc=false&dlt=1690673416057&idt=695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

0195fd086fa094c411664b30f0d94b5cde181e5e910766ef30ad1df4fbf2b914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12016
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7138 15 KB
11 KB 129ms
129ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

54910e57be1663d6379fde4c95a87c5257874de6e6b65a60950469242fd5fc68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11706
x-xss-protection: 0

GET
H2 200 container.html
6da7e18721c361a2915ecf1a0cdeb778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D67 0
0 101ms
87ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6da7e18721c361a2915ecf1a0cdeb778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:16 GMT
expires: Sun, 28 Jul 2024 23:30:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8CE1 27 KB
12 KB 211ms
211ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340078202939678&correlator=2197499801081952&eid=31072020%2C31076566&output=ldjh&gdfp_req=1&vrg=202307260102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690673416843&lmt=1690673416&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=rwjgr6o03txs&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1558062294.1690673417&ga_sid=1690673417&ga_hid=491735183&ga_fc=false&dlt=1690673416014&idt=816

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8942ed0e4f5be7d44b92aa8718da3d18e830c79150a9d401ddf3018fb89aa827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12010
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8CE1 15 KB
12 KB 141ms
141ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307260102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

14ef78f5dd9ea258e02114e643c5dfc161a8d92ba9eb518f1d36356a4cec5e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11777
x-xss-protection: 0

GET
H2 200 container.html Show response
7c7443aac031e0bdebfcfa030d93c860.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D97 6 KB
3 KB 103ms
87ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c7443aac031e0bdebfcfa030d93c860.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:16 GMT
expires: Sun, 28 Jul 2024 23:30:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E42 0
0 116ms
116ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuctRNDaBSuQQ_a8z6Y_Ha--FHSv2OfvyYzSylW9fODkgr3EpTqcQUzjMdz90GwxXfArfnl429XSvaYAMmGABAVf_RYsgnTQb3i9irV7B-TGBzVapQ2rlT-qmFXqFt25u7bpzXgYnbmnlMRE3V04ANkfLbpW7OE_Y5xUwO-vfj6y8yhRNBxeRMTFKID2rhdWKj1ej8QLha7msHL6auObBme1KF_G4-gE231SCDUd12PN8L8k13uD8EE_v1LWCEVYwMNi3rtujxYapJM6jFV-zpIDnYedz10WtoUNluCq13Zc3mh002tO18agi1E6gvP834tVxhPJiYgl76M&sai=AMfl-YTCPnDhGhxJ6GYm2CJiqLPcrAEVibSEmBw2wJb4yJw7L8Ordwf_6xfp4Hns5w_7Q5m4WNSJ-_ZOz4akLaqyloAdxveHQWN5t3x0Bg&sig=Cg0ArKJSzB2YL6mFBYr-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 2E42 31 KB
10 KB 57ms
56ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 19:02:54 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 16042
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sun, 30 Jul 2023 19:02:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E42 179 KB
57 KB 270ms
87ms Script
text/javascript 142.250.186.66

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7138 17 KB
6 KB 93ms
92ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:30:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CE1 17 KB
6 KB 88ms
87ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:30:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2472 13 KB
5 KB 80ms
78ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:13:15 GMT
expires: Sun, 28 Jul 2024 22:13:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 72BD 783 B
759 B 92ms
90ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

d56b51ddcb6a79aba6625c899f262182735b0bc6d8adce783e8fd281ca7d3378

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dus5tks7bQounW4vVfF4aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-dus5tks7bQounW4vVfF4aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:17 GMT
expires: Sat, 29 Jul 2023 23:30:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 98A3 0
0 115ms
114ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVNcUxS6wxzvXUPevQ5BXKZSdOo3YQDg4KY1FCVWy_ECajvvFz-Cfbn0_R4oX59ytI1h7_7S7yEUvg3_QrIDjUSCZXO7pA4Db7WTrYuIQX8_wT6mJSaFh06xl2CWYqHt_mxr13QEABhKKQsoJ4UgEKJPvBJhDpwz3B7Ze7bPPXjS7doo5XDB3p1tDw_PldO4VdLB_lLhB-WVLgwx2J4D6fuGBJ0NZwmscFH7J3ynmQH1W68lomnaWkzBwXBwbsR-vmKuNw2WzQtppI9opxcder3yMy2_o6WyVigb22_96Fc1Wo43lrofQw7eSm2pT6-pvWv8lCrNlVEtkh&sai=AMfl-YTfEmUDg0K2cYkHtgdAlGvggEVJFsQJhQgx1Pos7LV9U9DXVd7T7cRCKzoF_Q8DSiWQ6U5sLuC9eal-Ogw0zScIiX2YWPgjTEoBZw&sig=Cg0ArKJSzJ7x_H3fezKqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/han-niu-du-feng-mai-de-kang-lao-xiao-jin-ping-chao-she-hua-99-chun-jin-bo-jing-cui-bu-dao-2qian-jiu-neng-mai.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 98A3 31 KB
10 KB 54ms
53ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:52:31 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 23866
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sun, 30 Jul 2023 16:52:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98A3 179 KB
56 KB 194ms
176ms Script
text/javascript 142.250.186.66

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01EB 13 KB
5 KB 80ms
78ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 4622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:13:15 GMT
expires: Sun, 28 Jul 2024 22:13:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 88D1 783 B
742 B 91ms
90ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

f00e7189ae96ab402024977a14b12a6ae9e0bedc31ba5b92d4100d8e4abed22f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SOQue5x09xBM6VTDS_yk_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-SOQue5x09xBM6VTDS_yk_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:30:17 GMT
expires: Sat, 29 Jul 2023 23:30:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 72BD 0
0 115ms
114ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=3407729655199211&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 2472 37 KB
14 KB 82ms
81ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 88D1 0
0 114ms
114ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307260102&jk=1340078202939678&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 01EB 37 KB
14 KB 82ms
82ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 149ms
141ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690673417226&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1536&pt=-835954448&tz=0&viewable=true&ddast=V89xYCLAaEsjN_nazBOhIIZWf-OlmDdSwAAABgYID-AEmMVrbVyrdbSzYzw1o0XFjcEodzudZYloOVabmYDHebISCJ0cq2Wvl2a8lmZliLhguLW-JwLtcay3KwMi0Xk-FuMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBhmg6HT7XvV73-90lPs9c4_cr_EKH3S13ut4i11vmsvvcaofTLXK5tQ67zy12-N3Cp8PvljrtbsHT7nNrjA6_W3N0uYWuh1u5XGuMrrtb6rS7JX631Gn3uTWup1vieoscfrdk8XTY3VKn6y132X1utcNpF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BQGyDQBPJgQBed5c_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAAADTEcy4IFuD4Wo9IAXARRgAAAAC2ms2Hj0zSCSoWVf7___utAFwBAAhIHOWX986iOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MP5ogSjOzNEKTo9dqfgEBANb8AgIAsFE3AABvAuAEHYJWDAarExCzAwAAAHDn____Xw-IOTcTk8eycS48q5HFsnFtZjaPcbUybXYTm2mw3J5mALlAtYW39z4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwNHPOXC6Pw63yOAxr0WIwWQsXvplbudwYJsPRZDEzjdai18d0sdgss-FkiwQDGPcieVqkE5Vzsds4LIbZbrZarmar3XBicvlGloXFMLNsBpOJWKI5WaQT2WVfc24mJo9l41x4ViOLZePazGwe42pl2uwmNtNguS_NnDOXy-NwqzwOw1q0GEzWwoVv5lYuN4bJcDRZzEyjtej1MV0sNstsONk3ZsvBbLcZLQb7xmw5mO02o8Vg36EzfFefs1FZVkk-MqFrXK0Vbk6DwmWweNfq01lYFB6s0XDR6ZKIj52d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNigUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_iFDrtb7nS9Ra63zGX3udUOp1vkcmsddp9b7PC7hU-H3y112t2Cp93n1hgdfrfm6HILXQ-3crnWGF13t9Rpd0v8bqnT7nNrXE-3xPUWOfxuyeLpsLulTtdb7rL73GqH0y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WPIIez0f4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ul3310_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a3d26979398222c3d5d8c8435846dfbd154ab336cd58cef9bc9aa05b1dba300e

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:17 GMT
content-encoding: gzip
server: nginx
machineid: 1474
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 2E42 80 KB
30 KB 264ms
85ms Script
application/javascript 87.248.119.251

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MZTZMREDP60VPNKF
age: 115
x-amz-server-side-encryption: AES256
x-amz-id-2: sONyiotZFRb0WHliDdpxbjmapWRmvX20pcmeYSC5T/ZR9crvMhynCYFFAOeQC6Is0JeFaSthHks=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 2E42 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b29fa57fd9b621fa3610de81d1f295ceafb0b769e28bb5b211ab8c1e2a26ef70

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 98A3 80 KB
30 KB 293ms
143ms Script
application/javascript 87.248.119.251

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MZTZMREDP60VPNKF
age: 115
x-amz-server-side-encryption: AES256
x-amz-id-2: sONyiotZFRb0WHliDdpxbjmapWRmvX20pcmeYSC5T/ZR9crvMhynCYFFAOeQC6Is0JeFaSthHks=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 98A3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7894fd82e0571a8b4e48592ad581c090b6e8fda7aa5d983ccd93f1f233f9a62b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2472 0
10 B 78ms
77ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rwm_DA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 01EB 0
10 B 78ms
77ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xZRwJQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET 855414e92342fff1a22716ef96a1c15f.jpg
static.bg3.co/imgs/202106/ 0
0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 2E42 290 B
614 B 300ms
99ms Script
application/javascript 87.248.100.136

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sat, 29 Jul 2023 23:30:17 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: 0d203ab9-52ff-4b6b-94bb-f733ba7cb760

GET
H2 200 b
geo.yahoo.com/ Frame 2E42 43 B
99 B 749ms
89ms Image
image/gif 188.125.72.139

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 b
geo.yahoo.com/ Frame 98A3 43 B
829 B 711ms
88ms Image
image/gif 188.125.72.139

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 23:30:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 98A3 290 B
358 B 311ms
149ms Script
application/javascript 87.248.100.136

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sat, 29 Jul 2023 23:30:17 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 11
x-xss-protection: 1; mode=block
x-request-id: 540bfd8f-5585-4ba8-91cb-463a1d5fdb75

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 2E42
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

65ms
65ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12003
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m10QTRZiwgoD0YcWfQXLsMSqzT4ZOdPo8BzHauNYvqgq%2FA2Wru73gn9olBUqCkl3cuYRxWivN9lYCzmDhByz%2FlcEjQoavZGlgI6pjss62nuzZ3zeW%2FzM6%2B91ISfoFDAqzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee92620ee4094fa-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 98A3
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

57ms
56ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12003
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goucyynrzpyDFuuhRDyQZbsxPxJtYeofVIKR5ARiKrscM9gflQHc5UJwsns6ITxKQeOKpK3XATGn%2Bo%2BjlbSQHZaTnSdHPovMj2uBEqPzAd2oILEK1G%2Fgd5jacAKEdNJXVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee926213efd94fa-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7138 0
0 119ms
118ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=3407729655199211&bg=!8fKl8qbNAAZGOVy5Zjk7ADkAdvg8WgSwXCl7JgjbpySXcvi56xoGkaRV7KPHmxaJYZmcrWXbGDePWxNypw_2EwVFOJEkku4HViECAAAA31IAAAAHaAEHCgArHH08sJYt78UlRMPDeFcDwZBCooe2X35PE_31wcK5mTFqpjs74-N-qb8UQ5kC7d0hIXCu5YZ6ad59--ABT1LNnO9MRfLXr3aIyaNzRQdEhTHNx0LYlyI6UcaKH7LmdQlXZD-uBOAK9e5_bCKy33wPUkZmnIgNtpQqLs3N-ujZBZWHfDSlQjEJDRpMg50Rg24uiXQtcA8bORz80SMa67nclvM6uccVnpBm2BN_WmFWAHsVSkNflYPA4V4o1gHkwyIpKfX9_F3wNOZplk2Yzzpxo5zxg-M48XEpVtjcXbKgAKw41itEDxz1kk1Tc06BiDD7HYVKpKK4voRVFK6firE_ir8wAzJUxv6-Qz31AeYjhGa3lJPEZcdqlx9mL5uGWsviDPMG2wqYv3oKJl9rUhfDG6Phy85qXu4jxfZfztfzM1V0rRCpCFldctYaYMvT7FvH2XLezNu14pcgsSZH6ATPHxEIwDT5yv_pgnaZtkGX179nAYVcMRjIlibeWp8-M_BThpEi5FjZMV00n9I5HtFQPu9heNbej7bQh37I1n05wjBZ2ncbqlyE1U913JllY802xoTIoSM-JV0Zc9tdPhxXK__gw062vgvqGJs5_E7k1Lf8GCFinKunzQGKa0kj_mYW948ycW6JQZiB1vLJA9TuBRAtAD9nYTUZbD-zjea5CmSOeM5mYmv4XZLXyZHgflXy0kbxXpSVjQ88EimKv7XQk3k_4lL1JcjSh6ZFupXHWPCGehcaN20z1snihYoR1yAb1SJR6PJOyBfp8zKU3KGXParY0BVYxQsjjpCP5FZadhurWSwiSOUvXgKQe7ML4acwfTcYiUqXl8rUJ7-5lTadp4xMcsePT9yw4N4doCE0SiZ2801X9yeZ8EzWV3Xv550PMFxaiwIaAaMnadWauFMdvctX7nXvqB-z75ts1MggAzeEBOzEdL5QjmDJkWj02IqF1uvyRUshr335SmXxja1jVZ7rztpBjObllc4YeffMxfClvHvG2RQkgzwhwL6mn5OXeEFG5pVfc56wD2DFstRdoEFyTj8VjiY10k6R
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8CE1 0
0 120ms
119ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307260102&jk=1340078202939678&bg=!29il2IzNAAZGOVy5Zjk7ADkAdvg8WqSqJPCYxavvyNA3oX8D_PtKQQF_seJA4jo1M53sHfSjMTzqAX48TjDeegEoK8KJRJOA7VoCAAAAslIAAAAFaAEHCgBJCbYpmDopELSL6da1I1lVhnOwOGGvjPMbioCjaFtrINaGFoLwjFcvKqQiSZ27xFzr2nBJwlUd-TtmIbMTlqSJvFFDZRH9ta4ggJkC8PHDuUFNTqVg52Pl83CZXQ9McA6voUTooFnOecKhe_NjLlFBeAK-L8kY4sB7cVniQi22QbibYy4yvJauG-C0gert5TfYpELW_AlOxtlDpRgYglXYK3v_gqYdxTx-f560bCbXI4p8o3CJSsxzupFvDuqPu4ivVocaMmExd1kIFDMwTK-nk4ZbdL2PUWvBXw5PUNHZPdXBDkaN-WXjMCASw3-iDpgPzEeqZyD54qFaL8JDK1EKQ7Sm8K9FzOBLkHV8Ytb1PCCgIplPINmqP6ZAVQh-xrnEIFXd2iFx4-5jRyPBGRwSAonpq6Df3QiiwfwjsjlGOP9TpIseIiKhZnhFk6CcjiksNEqe9fbWgZI6u6CwCX6keZuFJIneqk9qeIGrc9WrlJmh9WMgL9W52OT0GleQRzVX__41QTxRouvnlRAwNP-tz9PiceR8UqChc_HJdGQWlvORAp0uC0Vad_OIdwB6r4SdybbvWsa5SHKu6aSEq3agCCZsML7YLQTGJm2WfaxUHtrkcS4M68EDNwV6JlFGsXOzns_zPAMBr5mpicPGvcM2O13BXPurbs7KbK-sc1zEBTwjtl0nara945taC5FlJpVTz68WLBSuJkSnjCoYwmluT-7S7uscIY9IlgMS29h41587yp7vjRUsjBE5D3aeik0JqQIKkKCYY1TCLpnhRhH30IagpTV_S7ChAUFg-_0i_nHml078jQLY0JC-WsqzlJGWCDwBtQJCkiSdCI8RN_s4bEDBDj4vl2U_w0cAB7ylLPvP9OI7GywSou2xZHWd6j5Pdd4m16xy3QdQSM7Lmyc59ruFS4G1taOj7_Nr4I1YpnsB2PzUPZd3vh1JN_dKgxg6NdqVaBpKd6bZFRT3sUkIXfppVl1ZKgXJZ9AxCTxJIoAQ1BN5uCceKM-BqmxAffojsUsmclV7d0QM5YeP3VV-FNbYZxwh8vzQhOJcoc0a7K5lze_rGLMhULI3Z44Nh_cvX3E2XattuuBMZU9a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 2E42 975 B
749 B 65ms
65ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11791
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CEWXUVKcY32iyjPx612DvqkfIMbkEgG%2FU4T7hTbbtMyvjDiMz7sEwpxvmrElDEgm18BTNHp0Z9Aw7oDxNhWN%2BUdERjUiSJzsP6OO%2FtdtRp4cMp9KI1%2B51AI2tPnCrAb7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee926214f3d94fa-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 2E42 638 B
1 KB 502ms
217ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.15558279541193665&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:18 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 98A3 975 B
749 B 55ms
55ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11791
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3t%2BhY%2FWhOipCy0az6FtamuJs1vvvKdIAuXJyNVSH2bk31RcXf4qVqasgnW3DehRPEueSx6u5sP%2B5HncYg7KG9LlKX5vNiIGGqtxNE8OyoY8TFwfNjttVM%2FpeTHeqwKGp6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee926219fb494fa-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 98A3 638 B
1 KB 466ms
179ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.11218201938605477&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 23:30:18 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E42 0
0 272ms
114ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv513iy5h0rqflXHfIjkj__zeKZqTiNKskNuRo_Y9nHDJBdVAYW2jiioBDPZ1BYsQydAiZdsFsNm4llO46CxNYk5JOLcO4_s5RGNd3dH6dSIJM0eAq09UIn9Emqx-VwNLgW_dVrVjwFujFVYonm6Vea5hfplUb3D1CijqSxduMTYmh8GsDYyusc0_nDvRHgw9BhFJyLXfT3HrgXi77lT0fiIrIbXlPuclMGbxSq5RtlqBMRbeyPQfHZgfsl8qFfPkk9Vnr2FNMleQP0AdvhSbaCOohOx8sUbtZRq-3-TqSCm21dU-9VWktDXQUY7CtPuEFbJxq73dFR8_JaGxE&sai=AMfl-YSNsQW44cEqkG_9v0-f72qmSC2kcmWdQaERdfBKG-92uHACkBQ35VkFrtElmR4A2hMnfH9g-G6hWJ5CL91nSF0YYY0UMZQ_qDPi6g&sig=Cg0ArKJSzCSencTDKH2BEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 29 Jul 2023 23:30:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 98A3 0
0 240ms
115ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssd7ipQz8eUh_EmWgGCHlCoqqqMWthEIyAoDRk8qwEZoFE3mqLp79zuxv_Qg1rAyKdVGnOjOslBqn3UB9_goQHIVol9bvGSNPxebsvDLxJHr88VqVxWiE4FivWNAaANwsWuyOTRR7eu07q8JeyXZbqMKISflf4jJYOJKQ4JJ8vJJ-iNhsYcfPfqu69VKeMoXRbJwFVQnvBThhyCqrIEOM-Dw3oDI3db6LgRq-E6_LnqPdfzIrmPPJwnupsTyl8AW6SU64tNZdJmx6VdTOuYezntCn7rLq7o1H8kjwxPLWl9kEcayvX2W1SsEp-MTjZLHyzkxy2jP6_4P5OoYqY&sai=AMfl-YT-PqeXY8XUcesw8_CSUZ3wx1Gy2Qcyvv9qGpvaAwBkyTrLbvseEbD0Sk2uwmHOr0Stsx49maoqVoGlnpZ_D5AFGz9GcyH1ac4GiQ&sig=Cg0ArKJSzL-kQlFYGlVtEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 29 Jul 2023 23:30:18 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8F61 145 KB
50 KB 103ms
103ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3ac79563c869c34ba10b309e5ac3701ee570c263e94384b885adb677f84dfbc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50671
x-xss-protection: 0
server: cafe
etag: 6804422972039326613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:18 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8B79 144 KB
50 KB 149ms
149ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

5d005e322a7a1b7a0bb856632242667c3a3df642511e7c3819ffd370dbbe00ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50654
x-xss-protection: 0
server: cafe
etag: 18170364346934629076
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 23:30:19 GMT

GET show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/ Frame 8F61 0
0

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame D70E 0
0

GET show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ Frame 8B79 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/f8dd79f475bae5a3801a067df3c07ecc.jpg?w=800&h=600&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/1257892f1eec349ca94504a29df0716d.jpg?w=800&h=440&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8d05b9d7e5f824860c67ada7d1dc7a68.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7a30725c6dacd55dd0be8b16d3ea84a5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202111/6d0b9503bf65f6271c63801afda75981.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/44442e5c8ffd42393ad94680db6a5758.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/5a78e413c6621e7b8a0b84721b4548c9.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/bb4be3147b210a20a3f4c49cf932a116.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/8ce7830c3de5b0aa70aabff4cc55841f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/0cca8290a08c5aae3d8ce4a37dbce6ad.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/4472eaa4e1ec210f34855e2e99eb8b72.jpg?w=800&h=527&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/9850538054e699808be8d78bb129c689.jpg?w=800&h=570&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2c7cc44ec16ed25fbc047149919e0769.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/10350a5b926b8181ee24a8ad90a5ad04.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/424cb555b7ac569ef33debe6506b8aea.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202201/0504e3a1a785d3bd3b8d5422b12b632d.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/6769131cb038c4e77019486123f56d07.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/502e2fc0233c03496ec5a834ac0d58aa.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/96c5b485b6772e7409541ab050cc6b88.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/77072cfff12e050ce240a36dcf22b2ef.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/fe2a5f7bd60b21738bf1eac382624acc.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/e812e58a47933eb76faab8ca4140a748.jpg?w=800&h=808&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8f9782bcf535081daf5535a4f8ba09a7.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/e83bcc0c5f87bad22ab63e87a9c7ba1b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/1fa30de1ed283d5ef9ae94f33793eaea.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/4e65166e8d16df38b07c6495d2bc979b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7dc31550d16e6a424bfb03d1bbef52a8.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/855414e92342fff1a22716ef96a1c15f.jpg?w=800&h=600&q=100

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/show_ads_impl_fy2021.js?bust=31076492

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076426

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/palmate-bg3co/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_f93bdc2c9a35db2c53ffc85e437bf409_4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682_1690673410_1690673410_CNawjgYQ2YJdGLPk85-aMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB
cdn.taboola.com/	1970-01-20 13:38:04	Name: abLdr Value: 26
.aralego.com/	1970-01-20 22:23:29	Name: sspid Value: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
.www.bg3.co/	1970-01-20 14:21:05	Name: _im_vid Value: 01H6HZSWJAZM42P2JY2RA9KQY5
.quantserve.com/	1970-01-20 23:08:07	Name: mc Value: 64c5a102-b0e16-9247f-b1d53
.bg3.co/	1970-01-20 23:02:22	Name: __qca Value: P0-483247503-1690673410372
.taboola.com/	1970-01-20 22:23:29	Name: t_gid Value: 4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682
.aralego.com/	1970-01-20 22:23:29	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:23:29	Name: gdpr Value: 1
www.bg3.co/	1970-01-20 22:23:29	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682
.bg3.co/	1970-01-20 23:13:53	Name: _ga Value: GA1.1.777882252.1690673412
.bg3.co/	1970-01-20 23:13:53	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1690673411.1.0.1690673411.0.0.0
.bg3.co/	1970-01-20 22:59:29	Name: __gads Value: ID=4eb0efde5d4fc960-226b46b91ce3005f:T=1690673411:RT=1690673411:S=ALNI_MaqVzC7_IAf_0zmYXrEVUwHIjvrZQ
.bg3.co/	1970-01-20 22:59:29	Name: __gpi Value: UID=00000d30f194c488:T=1690673411:RT=1690673411:S=ALNI_MYfcYE9onzNT8jZ2wXyUESozkVIjg
.doubleclick.net/	1970-01-20 23:13:53	Name: IDE Value: AHWqTUnVTKQDpNlY7ijn6HiGPBxTuwT10Qg_7c4tU0K7Auhc9XVPVJTVd6qG6QpPZRQ
.adsrvr.org/	1970-01-20 22:24:55	Name: TDID Value: 1a1d79da-b3ca-4219-8dfa-f621d9f1afd3
.analytics.yahoo.com/	1970-01-20 22:23:29	Name: IDSYNC Value: 19cx~2d1z
.linkedin.com/	1970-01-20 22:23:29	Name: bcookie Value: "v=2&483c2b2e-e1a5-4af7-80d4-c24c276fea21"
.linkedin.com/	1970-01-20 13:39:19	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2970:u=1:x=1:i=1690673412:t=1690759812:v=2:sig=AQEKmfc3ZxZAMBOO__c5gNr10WN3oca9"
.rubiconproject.com/	1970-01-20 22:23:29	Name: khaos Value: LKONAPIE-1N-AKGT
.amazon-adsystem.com/	1970-01-20 23:13:53	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:33:34	Name: ad-id Value: A80nKq5m_kgvozpxAy0IOc8
.yahoo.com/	1970-01-20 22:23:51	Name: A3 Value: d=AQABBAShxWQCEC504YRizUn4DMkff_gvepIFEgEBAQHyxmTPZAAAAAAA_eMAAA&S=AQAAAsy-7O33EoCIjKmODRGYy9k
.adsrvr.org/	1970-01-20 22:24:55	Name: TDCPM Value: CAEYASABKAIyCwiUy6DQz6WIPBAFOAFaBzA1NGYzMm9gAg..
.bidswitch.net/	1970-01-20 22:23:29	Name: c Value: 1690673413
.bidswitch.net/	1970-01-20 22:23:29	Name: tuuid_lu Value: 1690673413
.bidswitch.net/	1970-01-20 22:23:29	Name: tuuid Value: c9fc9385-41ce-410e-9241-f4d9908c306c
.ads.avads.net/	1970-01-20 23:13:53	Name: av-mid Value: f536dcbb-fb28-4abc-87f8-adf09cc502d0
.criteo.com/	1970-01-20 22:59:29	Name: uid Value: f49b2176-dfad-4a3f-8af9-c8bcf9d40a53
.ads.avads.net/	1970-01-20 13:40:46	Name: av-tp-bsw Value: 1
.id5-sync.com/	1970-01-20 13:37:53	Name: cf Value:
.id5-sync.com/	1970-01-20 13:37:53	Name: cip Value:
.id5-sync.com/	1970-01-20 13:37:53	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:37:53	Name: car Value:
.id5-sync.com/	1970-01-20 13:37:53	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:37:53	Name: callback Value:
.rubiconproject.com/	1970-01-20 22:23:29	Name: audit Value: 1\|d4lfR6L0jUByaSR22UGxlRCXnAVdo0zef5NLAXdPxVBgQ4KuYdtRFpsuVZ9n25Cg6Pa2DzaoYjjqFTrNE4+z9kqVaHlG5Slg/Vtt7hKIOSQ=
.openx.net/	1970-01-20 22:23:29	Name: i Value: 9908729f-82c6-4e21-95e2-44b3513dce00\|1690673413
.mfadsrvr.com/	1970-01-20 23:13:53	Name: tuuid Value: 7879e9fe-1260-4b1a-a6a1-bb04362e3e3c
.mfadsrvr.com/	1970-01-20 23:13:53	Name: c Value: 1690673413
.rfihub.com/	1970-01-20 22:59:29	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MrM0NDOzsDQ1NRHiM9QNDXWJ8DAI0nWLDHYEABrqitQlAAAA
.rfihub.com/	1970-01-20 22:59:29	Name: eud Value: H4sIAAAAAAAA_1vFwmtoZmlgZm5sYmhsaWICAEsk228QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MrM0NDOzsDQ1NRHiM9QNDXWJ8DAI0nWLDHYEABrqitQlAAAA
.mfadsrvr.com/	1970-01-20 23:13:53	Name: tuuid_lu Value: 1690673414
.mfadsrvr.com/	1970-01-20 23:13:53	Name: ssh Value: !taboola,1690673414
.3lift.com/	1970-01-20 15:47:29	Name: tluid Value: 120296643478186893296
.lijit.com/	1970-01-20 22:23:29	Name: ljt_reader Value: HEGiqQZHkGtMykJdQrma8An9
.contextweb.com/	1970-01-20 22:16:17	Name: V Value: HKDYFcvO2BFu
.contextweb.com/	1970-01-20 22:23:29	Name: pb_rtb_ev Value: 3-1lzu\|5Ql.0.4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 75e9bd79f88ccc53
.lijit.com/	1970-01-20 22:23:29	Name: _ljtrtb_42 Value: 4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682
.adx.opera.com/	1970-01-20 22:23:29	Name: UID Value: OPUf428bacd59d6495ab225487a0c288d11
sync.srv.stackadapt.com/	1970-01-20 22:23:29	Name: sa-user-id Value: s%3A0-89b271a5-9f89-5b1a-4a48-7f076a08df84.lOx5k9dsDD86jWWvqZR%2BvZPsHJ2vfSa8uIGy2HpXe24
.srv.stackadapt.com/	1970-01-20 22:23:29	Name: sa-user-id Value: s%3A0-89b271a5-9f89-5b1a-4a48-7f076a08df84.lOx5k9dsDD86jWWvqZR%2BvZPsHJ2vfSa8uIGy2HpXe24
sync.srv.stackadapt.com/	1970-01-20 22:23:29	Name: sa-user-id-v2 Value: s%3AibJxpZ-JWxpKSH8HagjfhFvN5sM.pggWv8CKOwbxR4GD5%2F46aqA09MahTaDrXQij12R5MA8
.srv.stackadapt.com/	1970-01-20 22:23:29	Name: sa-user-id-v2 Value: s%3AibJxpZ-JWxpKSH8HagjfhFvN5sM.pggWv8CKOwbxR4GD5%2F46aqA09MahTaDrXQij12R5MA8
sync.srv.stackadapt.com/	1970-01-20 22:23:29	Name: sa-user-id-v3 Value: s%3AAQAKIMUxcEjstsY0pNEFcvgXe-dyHuxbYAlo1XESRibKtWraEHwYBCCGwpamBjABOgTwi70wQgQK_OCs.Yuq8ct5xp6yLrhe8pogLZFIR5YbV4x9MR4lHaT0ktww
.srv.stackadapt.com/	1970-01-20 22:23:29	Name: sa-user-id-v3 Value: s%3AAQAKIMUxcEjstsY0pNEFcvgXe-dyHuxbYAlo1XESRibKtWraEHwYBCCGwpamBjABOgTwi70wQgQK_OCs.Yuq8ct5xp6yLrhe8pogLZFIR5YbV4x9MR4lHaT0ktww
.sitescout.com/	1970-01-20 22:23:29	Name: ssi Value: 2013d632-b292-4f99-82ec-b5486bb0488d#1690673414626
.sitescout.com/	1970-01-20 14:21:05	Name: _ssuma Value: eyI3NyI6MTY5MDY3MzQxNDcxOX0
.smartadserver.com/	1970-01-20 23:09:34	Name: pid Value: 2073592120587985509
.smartadserver.com/	1970-01-20 23:09:34	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 22:24:55	Name: csync Value: 107:4f9feeca-eca0-4102-8a7f-99c028421f44-tuctbbf2682
.adscale.de/	1970-01-20 22:20:09	Name: uu Value: de9a9db16baa4105894834d7a1b4318a
.adscale.de/	1970-01-20 22:20:09	Name: cct Value: 1690673416471

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202106/8ce7830c3de5b0aa70aabff4cc55841f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/f8dd79f475bae5a3801a067df3c07ecc.jpg?w=800&h=600&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/0cca8290a08c5aae3d8ce4a37dbce6ad.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/bb4be3147b210a20a3f4c49cf932a116.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/1257892f1eec349ca94504a29df0716d.jpg?w=800&h=440&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7a30725c6dacd55dd0be8b16d3ea84a5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8d05b9d7e5f824860c67ada7d1dc7a68.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/5a78e413c6621e7b8a0b84721b4548c9.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/9850538054e699808be8d78bb129c689.jpg?w=800&h=570&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2c7cc44ec16ed25fbc047149919e0769.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/4472eaa4e1ec210f34855e2e99eb8b72.jpg?w=800&h=527&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202111/6d0b9503bf65f6271c63801afda75981.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/424cb555b7ac569ef33debe6506b8aea.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202201/0504e3a1a785d3bd3b8d5422b12b632d.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/fe2a5f7bd60b21738bf1eac382624acc.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/77072cfff12e050ce240a36dcf22b2ef.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/44442e5c8ffd42393ad94680db6a5758.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/502e2fc0233c03496ec5a834ac0d58aa.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/96c5b485b6772e7409541ab050cc6b88.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/e83bcc0c5f87bad22ab63e87a9c7ba1b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/10350a5b926b8181ee24a8ad90a5ad04.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8f9782bcf535081daf5535a4f8ba09a7.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/1fa30de1ed283d5ef9ae94f33793eaea.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/4e65166e8d16df38b07c6495d2bc979b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/e812e58a47933eb76faab8ca4140a748.jpg?w=800&h=808&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7dc31550d16e6a424bfb03d1bbef52a8.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/6769131cb038c4e77019486123f56d07.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvaGFuLW5pdS1kdS1mZW5nLW1haS1kZS1rYW5nLWxhby14aWFvLWppbi1waW5nLWNoYW8tc2hlLWh1YS05OS1jaHVuLWppbi1iby1qaW5nLWN1aS1idS1kYW8tMnFpYW4taml1LW5lbmctbWFpLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.bg3.co/imgs/202106/855414e92342fff1a22716ef96a1c15f.jpg?w=800&h=600&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

295e51018300fa3da16dafc5b6a6edba.safeframe.googlesyndication.com
6da7e18721c361a2915ecf1a0cdeb778.safeframe.googlesyndication.com
7c7443aac031e0bdebfcfa030d93c860.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.sitemaji.com
ads.aralego.com
ads.avads.net
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
bh.contextweb.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
d-23735339143651018048.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.im-apps.net
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
ff79fbda86b111605e3f6776537a8c6a.safeframe.googlesyndication.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
id5-sync.com
ih.adscale.de
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsrvr.org
match.taboola.com
nt.compass-fit.jp
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-apac.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
static.bg3.co
stats.g.doubleclick.net
sync-t1.taboola.com
sync.aralego.com
sync.logly.co.jp
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.bg3.co
103.231.174.251
104.26.5.103
108.128.190.51
108.138.7.45
124.146.215.44
13.107.42.14
141.226.224.32
141.226.228.48
142.250.13.157
142.250.185.106
142.250.185.195
142.250.185.206
142.250.185.97
142.250.185.98
142.250.186.100
142.250.186.129
142.250.186.34
142.250.186.66
15.197.193.217
151.101.129.44
151.101.65.44
162.19.138.83
162.210.196.208
172.217.16.130
172.217.23.110
172.64.103.25
178.250.1.9
178.250.7.13
18.197.15.79
18.66.97.113
18.66.97.81
184.30.22.30
185.106.33.48
185.86.139.101
185.86.139.93
188.125.72.139
192.96.203.13
193.0.160.130
198.47.127.205
208.93.169.131
216.52.2.6
216.58.206.33
216.58.206.40
216.58.212.162
23.212.211.47
23.50.131.209
23.50.131.214
23.53.42.112
23.97.225.52
3.122.169.238
3.233.145.141
3.71.149.231
34.120.96.193
34.98.64.218
35.186.215.140
35.205.207.25
35.208.249.213
52.199.103.74
52.46.151.131
52.58.132.185
54.160.99.180
54.199.134.236
54.239.33.158
69.16.175.42
69.173.144.165
69.173.158.64
76.223.111.18
8.43.72.97
82.145.213.8
87.248.100.136
87.248.119.251
91.228.74.244
98.98.134.243
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0195fd086fa094c411664b30f0d94b5cde181e5e910766ef30ad1df4fbf2b914
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0f21a359cbbb721e4ad6db3ad79a234b1a198b51da7fed570a20e1d53c273b9b
0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14ef78f5dd9ea258e02114e643c5dfc161a8d92ba9eb518f1d36356a4cec5e70
16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19a8427a46498d5620768dfcf25d44b04415c8590e9213054e5702ab4d5b08d5
19a95ba9c933d2d3798025717a189d2f87680fc882f2fb956b272b59fe97d706
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1f02bc67ec0c54776bee6824ae670c9e974a8fd617c5610e574c6b4d007abe48
1fa0616a1df4a0404c8640f675de1f19aefdb9be8fd52a889683cc9f7d888318
226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc
22e086dfa5f95b6b57f03fe1510874b80bbf43952fa16e97c661ef65afd7cd39
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26cdab50997e97f7d1ef0a355efcef20e323b0acc6e485b516fca024b55b81cc
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2f703396a36036cca8260b20715fdafb7650e07a48d5b8b2324651e06aa99945
30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53
354870399cd25b9a3e2d93b89ab95c7d37b034d9a813a3508eebeba38b09330b
3642b288dd6a377d32f199339971d6a27f1c4b1f253bd654ea248c98c603426e
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ac79563c869c34ba10b309e5ac3701ee570c263e94384b885adb677f84dfbc4
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42cff7d4afcab118e099caa38fea90d84fda4b42a0f007286c684cb3be4235e0
438675b841a4e8e3b881d98bc9fc4a2b4468453c992572a5837e1085b0fb3c98
43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
543620a655e98da5da0420da003b9ea713564b976a66f47b290db7629df04088
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54910e57be1663d6379fde4c95a87c5257874de6e6b65a60950469242fd5fc68
54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5770d0ab0f132c17e357c960ca4e6e0c48ea1cdb4136c2b032c84d99cffa40ef
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5d005e322a7a1b7a0bb856632242667c3a3df642511e7c3819ffd370dbbe00ff
5fd183eabaa717743b87dce14a09a2a8b7995a83d36e3d2c156831b5322cd357
603734eeab3fd760d92cc9abb6e66abb6e190649e9cb431bfce1ebc9ea3f200e
60ce6d7b42add94b5f69288bd621224d94149b3b8c9992d20b18f0ca13298315
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
6347468fc067a7fa6f6850737ce01e6d7250bef703ee02ac2dbb406ede218c3c
66966cdda82f6bad0c630ef2c4535e5b9d0f0dfa388e6591385df8ff99e903f2
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d095a3be2166f17e7143c2d18f50d2db4ed0481f50de4542672e3e37afab62e
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
70018b67b02eae709ab7b260cf6c71e9ac26e8eca0acdd2f5faf90c078f34cc9
74a96f46dd66ee4923a2156d85ab9298148b24490bcc11856caf2f2b4e06ff51
78722349964284aab4c3195e515667bc1f52a05338b3cdd38f51ebbb95854e13
7894fd82e0571a8b4e48592ad581c090b6e8fda7aa5d983ccd93f1f233f9a62b
7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
8044db7ed25d2ac40d39899f524ddeee9385f2850d9fcb8a29f91f8b220c783a
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8304b68f4fe9b28858722c2e87a9c210aa341ecbf7cffbaebf5efdf69a04845e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8611d1cddbbf5b7aac273971e06618dec56ecf1c658863f650fe6aa655b023b7
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88c49c9dbb9e5595fb5c90c1d1d840ec4ed7ce424b6e1b9a0a60aa6360e7c856
8942ed0e4f5be7d44b92aa8718da3d18e830c79150a9d401ddf3018fb89aa827
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2fca383e4485ceb88abcf711d2608be25d91dae8d1f587a6cbd7dfec2a6cee
8ef9352498db33c41e3bf33ee1f235d712b0fbea0738d92efaa3a3789aff5d02
8f1c572f939bb0a7099f4c8635018bb97c1d5973de1c7e46977b26e28b015a7a
9191935d70742ec57067c3f5146b44fd2a2084851230bcc665985ed9df861d8b
91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
928874e76760ef5d98f42455fa2a94a1698774f1bf6a71b28fcca3f0ddd2a6aa
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656
9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3d26979398222c3d5d8c8435846dfbd154ab336cd58cef9bc9aa05b1dba300e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
ad33e02b7663c396bc8a0da0d583f11df8df37a8b83a62dff251fd185b358bee
aecbcd81ab4ba067ecfc856682cb5d34b2249db6564ae0e4f3f23422b734dc31
b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16eba7244a4829c6d4aa6d40079de90473e78f6b2ebed32b7e32ceb4e0cf7e2
b29fa57fd9b621fa3610de81d1f295ceafb0b769e28bb5b211ab8c1e2a26ef70
b527a6d8f32639274e40dd89eb2233a610247cd58aeeceaea0c2f2f04f31966b
b729b09905a62c133c9b0174589df40b3221c7eaf6862de936dac05f0bdbb7c3
b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60
b8a6b67b95245dbbe4fddb8aa4395636d755750b2affdf62f2256bc5cc3b2b93
b9a0591dd673e4c59e4734c8b6e5ab30e4c4d36642a847175bbe6dbf34c02778
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39
bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf
c03d5c954dc19af0c2add1db27ed4f8b8b639d60278786a56692d21b22cb4427
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5
c3d2efe0c332e11a2ef5663ffc72ccf3a6fb369520c4a0c676950479ae5d6e64
c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7
cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2
d037a7753c1aad983122dbbeca69b38e57a18eb69429469e969c838805fda29d
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d56b51ddcb6a79aba6625c899f262182735b0bc6d8adce783e8fd281ca7d3378
d5bf46228ce8838a9a40600288c6064527e4aa2905832976bc7030630b735f5c
d9b83d3b884ccf817c0939817338b99f46ce90fdcdb69b76364304474668ddd8
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e38f2e873c9ec64c6efc2f1d5ac8d1f09f6982b62bf17e40c81db3ec1d88bc27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00e7189ae96ab402024977a14b12a6ae9e0bedc31ba5b92d4100d8e4abed22f
f26f70e695deff8602d6c1db678100aa20eb92e2fafdd16b7a064d3b030f74d4
f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

308 Requests

77 %HTTPS

0 %IPv6

50 Domains

92 Subdomains

59 IPs

12 Countries

3955 kBTransfer

11394 kBSize

65 Cookies

18 Outgoing links

Redirected requests

308 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

308
Requests

77 %
HTTPS

0 %
IPv6

50
Domains

92
Subdomains

59
IPs

12
Countries

3955 kB
Transfer

11394 kB
Size

65
Cookies

308 HTTP transactions
3 data transactions