www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Submission: On August 03 via manual (August 3rd 2023, 1:33:12 am UTC) from US — Scanned from PT

Summary HTTP 313 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 33 domains to perform 313 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
1 10	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	172.67.71.254 172.67.71.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	193.108.153.15 193.108.153.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	193.108.153.25 193.108.153.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
39	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	52.68.208.5 52.68.208.5	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
41	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
20	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	91.228.74.166 91.228.74.166	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
20	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	172.64.165.28 172.64.165.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.30 18.66.97.30	16509 (AMAZON-02) (AMAZON-02)
3 3	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
10	23.38.81.233 23.38.81.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
2	23.37.226.112 23.37.226.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.64 108.138.7.64	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	3.233.146.33 3.233.146.33	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	18.66.97.34 18.66.97.34	16509 (AMAZON-02) (AMAZON-02)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	34.255.212.168 34.255.212.168	16509 (AMAZON-02) (AMAZON-02)
2	54.199.134.236 54.199.134.236	16509 (AMAZON-02) (AMAZON-02)
24	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
6	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 8	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
8	142.250.74.196 142.250.74.196	15169 (GOOGLE) (GOOGLE)
4	216.58.212.161 216.58.212.161	15169 (GOOGLE) (GOOGLE)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	3.124.251.238 3.124.251.238	16509 (AMAZON-02) (AMAZON-02)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB) (YAHOO-DEB)
2	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
2	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
313	51

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-15.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.108.153.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-25.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.68.208.5 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-208-5.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

d-13269575093767967297.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.165.28 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-30.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.211.47 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.38.81.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-81-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.226.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-37-226-112.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-64.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.146.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-33.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-34.fra56.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.255.212.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-212-168.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.199.134.236 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-134-236.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f1.1e100.net

3383bcd698479106b9b9719547554826.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0d469b5f813990d4faa67f6f8f54ed89.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f36b0ea1c4ee3543d1c9f3f5063a7e02.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5ac32c5719974dfdbf6d5b45e800c0d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.210.196.208 (Ashburn, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.251.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-251-238.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 3383bcd698479106b9b9719547554826.safeframe.googlesyndication.com 0d469b5f813990d4faa67f6f8f54ed89.safeframe.googlesyndication.com f36b0ea1c4ee3543d1c9f3f5063a7e02.safeframe.googlesyndication.com 5ac32c5719974dfdbf6d5b45e800c0d3.safeframe.googlesyndication.com	972 KB
67	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 861 trc.taboola.com — Cisco Umbrella Rank: 616 vidstat.taboola.com — Cisco Umbrella Rank: 2544 il-trc-events.taboola.com — Cisco Umbrella Rank: 18940 images.taboola.com — Cisco Umbrella Rank: 1756 imprammp.taboola.com — Cisco Umbrella Rank: 13588 am-match.taboola.com — Cisco Umbrella Rank: 13614 wf.taboola.com — Cisco Umbrella Rank: 2645 am-vid-events.taboola.com — Cisco Umbrella Rank: 12767 vidstatb.taboola.com — Cisco Umbrella Rank: 4741 pips.taboola.com — Cisco Umbrella Rank: 1537 cds.taboola.com — Cisco Umbrella Rank: 1770 am-wf.taboola.com	1 MB
28	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	798 KB
26	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1155 eus.rubiconproject.com — Cisco Umbrella Rank: 618 token.rubiconproject.com — Cisco Umbrella Rank: 613 pixel.rubiconproject.com — Cisco Umbrella Rank: 380 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 30277	59 KB
14	aralego.com 5 redirects ads.aralego.com — Cisco Umbrella Rank: 34825 sync.aralego.com — Cisco Umbrella Rank: 3157 agent.aralego.com — Cisco Umbrella Rank: 259927	10 KB
12	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13254	204 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 427	219 KB
9	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1659 www.google.com — Cisco Umbrella Rank: 3	14 KB
8	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466 ups.analytics.yahoo.com — Cisco Umbrella Rank: 321 ads.yap.yahoo.com — Cisco Umbrella Rank: 13862 geo.yahoo.com — Cisco Umbrella Rank: 1344	3 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 18007 e3.adpushup.com — Cisco Umbrella Rank: 18875	277 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	552 B
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 96246	39 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	1 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 62021 sync.logly.co.jp — Cisco Umbrella Rank: 67250	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26212 audiencedata.im-apps.net — Cisco Umbrella Rank: 28818	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 561	60 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	113 KB
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 973736	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	913 B
2	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9286	505 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	84 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1273 pixel.quantserve.com — Cisco Umbrella Rank: 1017	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 743	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 29387	11 KB
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 1823	409 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 350	146 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1198	635 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 20002	3 KB
1	ampproject.net d-13269575093767967297.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 417	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 88617	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	16 KB
313	33

	Domain	Requested by
41	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co agent.aralego.com www.googletagservices.com
24	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.bg3.co
20	il-trc-events.taboola.com	www.bg3.co
18	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net agent.aralego.com www.bg3.co www.googletagservices.com
15	cdn.taboola.com	www.bg3.co cdn.taboola.com
14	images.taboola.com	www.bg3.co
12	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	eus.rubiconproject.com	ads.aralego.com imprammp.taboola.com nt.compass-fit.jp eus.rubiconproject.com am-match.taboola.com
8	www.google.com	tpc.googlesyndication.com
8	token.rubiconproject.com	1 redirects eus.rubiconproject.com
8	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org pagead2.googlesyndication.com
7	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
6	www.google-analytics.com	www.bg3.co cdn.ampproject.org www.googletagmanager.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	agent.aralego.com	4 redirects
4	pixel.rubiconproject.com	eus.rubiconproject.com
4	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
4	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	sync.aralego.com	ads.aralego.com www.bg3.co
2	geo.yahoo.com	adx.holmesmind.com s.yimg.com
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	ad.sitemaji.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	http-intake.logs.datadoghq.com	cdn.adpushup.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	trc.taboola.com	cdn.taboola.com
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	am-wf.taboola.com	vidstat.taboola.com
1	5ac32c5719974dfdbf6d5b45e800c0d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f36b0ea1c4ee3543d1c9f3f5063a7e02.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	s.company-target.com	1 redirects
1	x.bidswitch.net	eus.rubiconproject.com
1	cm.g.doubleclick.net	eus.rubiconproject.com
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	0d469b5f813990d4faa67f6f8f54ed89.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	3383bcd698479106b9b9719547554826.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	vidstatb.taboola.com	www.bg3.co
1	audiencedata.im-apps.net	dmp.im-apps.net
1	ups.analytics.yahoo.com	am-match.taboola.com
1	stats.g.doubleclick.net	cdn.ampproject.org
1	pixel.quantserve.com	www.bg3.co
1	imprammp.taboola.com	vidstat.taboola.com
1	l.logly.co.jp	nt.compass-fit.jp
1	fonts.googleapis.com	cdn.taboola.com
1	rules.quantcount.com	secure.quantserve.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-13269575093767967297.ampproject.net	cdn.ampproject.org
1	secure.quantserve.com	cdn.adpushup.com
1	gum.criteo.com	cdn.taboola.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
313	68

This site contains links to these domains. Also see Links.

Domain
www.conselhosetruques.com
popup.taboola.com
storytohear.com
1t5cbr.llsdzktnxwnnr.com
rxh511.llsdzktnxwnnr.com
trc.taboola.com
bc628b.vsgzddj.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 48 frames:

Primary Page: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Frame ID: F769808B42EE969C27C7A6D9531188F0
Requests: 149 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 871934F81A5BCC2E4C39A8689D6DC84D
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0142E8E2E6AF6D3D76A1D540FB73E0AB
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6F421F2BB55D490BD25A62219F9B2258
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 0E72B4D0EE192316136D060B59ECDDE9
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 97330A8122D1814C6CB0477FD2F8BB76
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 54073187C390DB01353CF2C05993D9F8
Requests: 12 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&cmcv=&pix=undefined&cb=1691026385549&uv=3312&tms=1691026385549&abt=id5mc_vA!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c1f61cc3-0971-428f-9ec3-ed553fe40139&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 21334C7E36C0F2673A2E1F80057AA01D
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 66821BF30D3A9DE81E8B83200DCB4AB1
Requests: 4 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: C1726A61B482C88E6F501CF338BAB377
Requests: 5 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 5CF14A7305AAEB7C38C1FE1D3DD8C12B
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 79AC859CF3E1EF5C4E952D287EDEC958
Requests: 3 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: E7EC4A2DA666E7AD649DEF333B7C658E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 50AD84A2BBE47D206793641913282644
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-232488136613537022&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3290&oid=2&is_amp=5&amp_v=2307212240000&d_imp=1&c=735005027&ga_cid=amp-q7vc-ZJ-qKiUjZJr35OKew&ga_hid=5027&dt=1691026385477&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&bdt=1877&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 8D5F95C2D8BA27E4E85297AD906DAAE8
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: A289FBAD819D8E28678A547B23ED4DCE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7892C127AD20C682B23558F5F66B8CAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 741658E834A4E9B56392F3929FC98783
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8EAEC34C8D6DA895D7B07605FFDFB718
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 72FFB53E6E387DB7D843247C48C2CCF6
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 7CD2F956F13586FA22DE15CBB6F5A937
Requests: 3 HTTP requests in this frame

Frame: https://3383bcd698479106b9b9719547554826.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BB18ECE3A5EB5250E0523B2F35F32CA4
Requests: 1 HTTP requests in this frame

Frame: https://0d469b5f813990d4faa67f6f8f54ed89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 36D5631B8868F0AD250AF40CBA4C1BC8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FED1D199E67337DF230E360DBD9C59BE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10A3FAABB75D024281801B85ACC79FAD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72BBF0C4E1FAB2B710896C4290F4956D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A235D2E920099F79C84CB9B12CC5A5AF
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 424CA624322A6737C100864D01C0FDE1
Requests: 6 HTTP requests in this frame

Frame: https://f36b0ea1c4ee3543d1c9f3f5063a7e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 0D5C2B80D3880D5E278BE25B3A3CBFCE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5F63601A127AAED9B9552C8FC0A5661
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1727A551D8C1C073B9DF2D1A1A9C3213
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTFoKfP0O7IvU4P9qhTRdwdW3P5BNoulQUwJ-DAGWLQVgPEHp8M1RxwXvj8NB4MGZbi1LTvGl4LmU9W3XlnrPVJpyGuDGy-hn8I4_4K9u4cE7vO-8Ak1aznbh-B-lt2E8uAzHR23Xebcc3WMiKULzp7LpTVXydFFq04vMVJWcfJmB_zqO6WKKErKk8WuzGZufw0sZDfzGWvNRLHu04OVP4XvBpvJCTcvjWM7PyNzLS0G6SPjk3srGTPChVi_Xx34W4Qg0ZzsFn_7QFtwhezFn2UXGm3K3HKOCY4TZCNt4NorEwbVhYJHW3ILHmNu7QYngfPugtjwxbkSS-&sai=AMfl-YSYen1sdh0hpTEJp7F3l4xwpWXW63_EnT6iekuhzmWL4YeO7yrC7lU4gwMCb3ty1Fs6ZZPtAtezkY8sq6_5bOhlutYSfeBsVnGJyg&sig=Cg0ArKJSzHKMCKNsNsp0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0363FD39B7C35088BD2FADC6939AF2D2
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: E3601918D609FC1165591E29ABB58CB1
Requests: 6 HTTP requests in this frame

Frame: https://5ac32c5719974dfdbf6d5b45e800c0d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 4A559CFCCE07B4CACA5EC2F0BA4C2F1B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwG5JXOBYvq0B-5vUcxSYHUH5_RFznzT8mjFALAkj65bevvM1yiWkbTh1o-rUnVn1WKTQTCqyUXDVUoeBuzepjiqgmKP-YUx5ubC85nLkgHNgQ7Dfrytoe-9HfWz80e6RXkXWh97tFdFk2Yl_KytpE0-TNjGdTjey-zp2Ac7o4wSa22RO40YhvUSDuQldgIumpP9p3jxI-Eof3YBQ_H6T64sqacow60kDg5jj0trCgvPS8TV0cnrWCsQwXFgbyISHqFIWJK9kn2Ay_usGc410F5e4GeAtu3Qt8Qu2dfEMN_idNaGGGV86QXgguVt1hnqWiUkw895_04z7_&sai=AMfl-YTqk5GPlXQH783zKzJoxzGE0aOYgwu1jZ1YWn3ueTJr0bF6BUw-5NPezCRNcq_EiQlbnmjxm_BA0zVDJFcKx39SK8Nc5RGYQkwFbg&sig=Cg0ArKJSzBsw2CTPdVrFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E3B573960C70B81A3311240C1FDFB792
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EDF107FEEDF1C262AE09163E407B61DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3B0088A777478267D0A7888BC866769
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: CB59967A3B42D90EA1B25130F2A558B4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html
Frame ID: 95ADA9CF43F88A9A92C52BE7A5980A24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 0AA57428D0D0F807A57F88B4FA079A3B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=1470507226&lmt=1691026390&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390579&bpp=3&bdt=695&idt=142&shv=r20230731&mjsv=m202308010102&ptt=9&saldr=aa&nras=1&correlator=5148572287163&frm=8&ife=4&pv=2&ga_vid=2011260411.1691026391&ga_sid=1691026391&ga_hid=1277823739&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3940415668&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C31076510%2C31076511%2C31076687%2C31076700%2C44788441&oid=2&pvsid=2567108539035815&tmod=491473432&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.eeasvcqt96xk&fsb=1&dtd=162
Frame ID: 2A67F82799FF34E46EF70353AE82F4D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=2272724308&pi=t.ma~as.9099904862&w=300&lmt=1691026390&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390579&bpp=2&bdt=695&idt=150&shv=r20230731&mjsv=m202308010102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5148572287163&frm=8&ife=4&pv=1&ga_vid=2011260411.1691026391&ga_sid=1691026391&ga_hid=1277823739&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3940415668&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C31076510%2C31076511%2C31076687%2C31076700%2C44788441&oid=2&pvsid=2567108539035815&tmod=491473432&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b44f8grop5hi&fsb=1&dtd=169
Frame ID: 52CA381B7C44194D7846015AA155CC09
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02E778FC8E7D4775E13CB49B6EFBFE0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5D669CA88F1C06FD667D5B4A99D0F3D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1691026390&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390804&bpp=4&bdt=620&idt=163&shv=r20230731&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=5349190888647&frm=8&ife=4&pv=2&ga_vid=935830413.1691026391&ga_sid=1691026391&ga_hid=1439406150&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3579293590&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076510%2C31076733%2C31076448%2C31076693%2C44788441&oid=2&pvsid=839725920084735&tmod=256106718&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.bvh60kbd3myb&fsb=1&dtd=186
Frame ID: 9A26C9301C803EBBE18AAACBC4BCA13E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1691026390&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390804&bpp=2&bdt=620&idt=171&shv=r20230731&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5349190888647&frm=8&ife=4&pv=1&ga_vid=935830413.1691026391&ga_sid=1691026391&ga_hid=1439406150&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3579293590&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076510%2C31076733%2C31076448%2C31076693%2C44788441&oid=2&pvsid=839725920084735&tmod=256106718&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rwpa5nsj9p28&fsb=1&dtd=195
Frame ID: 6BF01BF2CACBAB2B953F54324A8FCFF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 13B4D5C959F0DB8F3D276595A2DD194B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57B94953A1601E48C41F0D8DC464BAAE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

《美人魚》終極預告曝光！　羅志祥抖章魚腳比林允搶鏡 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

313
Requests

89 %
HTTPS

0 %
IPv6

33
Domains

68
Subdomains

51
IPs

9
Countries

4421 kB
Transfer

12533 kB
Size

14
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.conselhosetruques.com/casa-jardim/casa-estava-vazia-desde-1950-dentro/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://storytohear.com/pt/ho-to-clean-a-burner/
Title: Story To Hear

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://1t5cbr.llsdzktnxwnnr.com/
Title: Carros elétricos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/varios/garagem-dentro-inacreditavel/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://rxh511.llsdzktnxwnnr.com/
Title: Piscinas | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&ri=3d0ec9905a7949485fc0aaf0ff2fa188&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&it=text&ii=~~V1~~5831013207509827443~~7XZrenaG575WdABofaEUFxGzC0ujIp-0gffcOyh3WmN9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15l1mVd4DmaUfz5E2bcg-knnQo5CV9JIn-aTKexzYsSfgg41dgAZMtE3ficY8PD7d0xLoHeXOFqQsuvibucL6JNME3FIWDZNlT7mtVeMfctYZpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=f6019e419b4897006816109185124ec7f7178bf717d0&redir=https%3A%2F%2Frxh511.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DA%2Bnova%2Bgera%25C3%25A7%25C3%25A3o%2Bde%2Bpiscinas%253A%2BOs%2Bpre%25C3%25A7os%2Bem%2B2023%2Bpodem%2Bsurpreend%25C3%25AA-lo%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiA7vGr2B2Ez3da1Mni5WgmAiGe6pEhZnHF-yy10x-N3MiCinFwosd-npNCfl7eLAQ%26subid4%3Dea-pt-d-pool1pt-568055-oac3107-tb%26kw1%3DJardim%2BBarato%2BPiscina%2BCom%2BCobertura%2BPre%C3%A7o%26kw2%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7o%26kw3%3DComparar%2BBanheira%2BHidro%2BExterna%26kw4%3DComparar%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw5%3D2023%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw6%3D%7BCity%7D%3A%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw7%3DComparar%2BPiscina%2Binstalada%26kw8%3DPiscina%2Binstalada%2BPre%C3%A7o%26kw9%3Dlista%2Bde%2BPiscina%2Binstalada%26kw10%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7os%23tblciGiA7vGr2B2Ez3da1Mni5WgmAiGe6pEhZnHF-yy10x-N3MiCinFwosd-npNCfl7eLAQ&vi=1691026384338&p=mmosworld-clothing-sc&r=74&lti=app-install-height-v1_ctrl&ppb=CKED&cpb=EhMyMDIzMDcyNC0yMi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNDQ4gODr3wVAhNQMSOfWDFCFz-IDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwjvAxCLBxgJZGMI0UkQoWEYCmRjCK9HEKReGAtkYwikJxCDNRgvZGMItUoQnWIYMGRjCM7__________wEQzv__________ARgyZGMIw0kQpWIYNWRjCJYUEJccGBhkYwjI__________8BEMj__________wEYOGRjCOskEJRRGB1kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAGmzJvImzE&cta=true
Title: Saiba Mais

Search URL Search Domain Scan URL

URL: https://bc628b.vsgzddj.com/
Title: Scooter de mobilidade | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&ri=3d0ec9905a7949485fc0aaf0ff2fa188&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&it=text&ii=~~V1~~7047992365424069980~~BOUYI5GpZ6a2rQ7F8-n80m48mUALocy8-dPfUGtaZa4e79Ni-eBnd8iQ4KmvvX-QPtVvJT2oZsUKTcbUlOwtfGXWZV3gOZpR_PkTZtyD6Sf13HRCAiQEF3b9HwmYHujbKbpz6f2_8QqdQlZQhxHEtL7g5mQE3Oeo6drtgnbY_UxRQh2D2cEFoulXreODML14mkieiAyctcjN_vhIsNyTpA&pt=text&li=rbox-t2v&sig=354cc3b4d5785f7ec73b6f3631e63af7b4c7a27b48f8&redir=https%3A%2F%2Fbc628b.vsgzddj.com%3Fsubid1%3D24831877%26subid2%3D3687099705%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiA7vGr2B2Ez3da1Mni5WgmAiGe6pEhZnHF-yy10x-N3MiCNt1so24m38ZvG-4-rAQ%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNovas%2Bscooters%2Bde%2Bmobilidade%2Belegantes%2Bdispon%25C3%25ADveis%2Bpara%2Bidosos%2B%2528d%25C3%25AA%2Buma%2Bolhada%2Bnos%2Bpre%25C3%25A7os%2529%26click_id%3DGiA7vGr2B2Ez3da1Mni5WgmAiGe6pEhZnHF-yy10x-N3MiCNt1so24m38ZvG-4-rAQ%26dpco%3D1%26tblci%3DGiA7vGr2B2Ez3da1Mni5WgmAiGe6pEhZnHF-yy10x-N3MiCNt1so24m38ZvG-4-rAQ%23tblciGiA7vGr2B2Ez3da1Mni5WgmAiGe6pEhZnHF-yy10x-N3MiCNt1so24m38ZvG-4-rAQ&vi=1691026384338&p=searchps-mobilityscooter-sc&r=39&lti=app-install-height-v1_ctrl&ppb=CKED&cpb=EhMyMDIzMDcyNC0yMi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNDQ4gODr3wVAhNQMSOfWDFCFz-IDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCNIDEOAGGAhkYwjvAxCLBxgJZGMI0UkQoWEYCmRjCK9HEKReGAtkYwikJxCDNRgvZGMItUoQnWIYMGRjCM7__________wEQzv__________ARgyZGMIw0kQpWIYNWRjCJYUEJccGBhkYwjI__________8BEMj__________wEYOGRjCOskEJRRGB1kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAGmzJvImzE&cta=true
Title: Busque agora

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 104

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 107

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 138

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1691026385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026385416&bpp=19&bdt=967&idt=308&shv=r20230731&mjsv=m202307310102&ptt=5&saldr=sa&correlator=8064181764826&frm=23&ife=1&pv=2&ga_vid=1507251396.1691026386&ga_sid=1691026386&ga_hid=1841415576&ga_fc=0&ga_cid=amp-q7vc-ZJ-qKiUjZJr35OKew&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3419&biw=1600&bih=1200&isw=336&ish=280&ifk=3614222628&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076088%2C31076509%2C31076512%2C31076693%2C44788441&oid=2&pvsid=4358230546520394&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mkdf5nj9n2kb&btvi=1&fsb=1&dtd=347 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 143

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1691026385&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026385388&bpp=23&bdt=967&idt=351&shv=r20230731&mjsv=m202308020101&ptt=5&saldr=sa&correlator=8064181764826&frm=23&ife=1&pv=1&ga_vid=994557292.1691026386&ga_sid=1691026386&ga_hid=688099269&ga_fc=0&ga_cid=amp-q7vc-ZJ-qKiUjZJr35OKew&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1674857966&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076088%2C31076510%2C42531705%2C42532335%2C31076701%2C44788442%2C21065724&oid=2&pvsid=1398970234671132&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ny61v9uwapaz&fsb=1&dtd=422 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 147

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 205

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 206

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 209

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 213

https://s.company-target.com/s/rp HTTP 302
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=c4fa06ff-78bc-44d6-9b8e-ec9a881e9446

Request Chain 278

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 280

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

313 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html Show response
www.bg3.co/a/ 54 KB
16 KB 1639ms
1062ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f30f3be8f6888bccb8c6c894afb68a289ac4ae863f65c534c9a508a1e8d31377

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 03 Aug 2023 01:33:03 GMT
etag: "d9dc-7F4ul4xZqWF0UbFN4nizB9X0+iU"
expires: Thu, 03 Aug 2023 01:48:03 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 257ms
82ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

bec100a88725b8aa87c85af62b54a24314255cf4f2f9a40eb49a5f4606b37fd9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 03 Aug 2023 01:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72951
x-xss-protection: 0
server: sffe
etag: "8f4eaea38fc96a6c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 01:33:03 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 271ms
96ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

ac4a5d4f7704bfabd97126241009d730d156e68859c8bd7d0db1f049acc39e95

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 03 Aug 2023 01:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9715
x-xss-protection: 0
server: sffe
etag: "eb48d635b40b4bb9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 01:33:03 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 235ms
82ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

c22797992dd1d24b0a0ca26c91d8db543627e90afcc35db9e65416373888359b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 03 Aug 2023 01:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7620
x-xss-protection: 0
server: sffe
etag: "8b05dcb7f07f21a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 01:33:03 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

160ms
49ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5043
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Ffr6wej2atHOa71TMDhkLe%2Bw%2BU8KZnEVhLRdhtcCSQ3AaoMERg%2FnCmHLA2d2iIL1po2Hjtg16WTBmEAoA%2BBWP6jfa%2Bg89X0H8qn678ewlHP01TFXLuiH7O2GucKdcRP5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0acf760a4e94f4-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 250ms
80ms Script
application/javascript 193.108.153.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-15.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: cee485246cdd0c208f39c2c3a38da5966166e82cb8da88809defdcbfa382dcda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 01:33:03 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 11:54:11 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10019
expires: Thu, 03 Aug 2023 02:33:03 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 650 KB
137 KB 252ms
76ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: c3b841038d3e92059d020f8e07ac081fe3e75b5d274f88107475158bd05a834d

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 01:33:03 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 04:50:44 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691026383748_389467673_287151754_51_1086_35_0_146";dur=1
x-cf-geodata: PT
content-length: 139515
expires: Thu, 03 Aug 2023 02:33:03 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 423 KB
50 KB 293ms
207ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 47ddbed3c7db1ccffb186e3d9f9a905ad0b2a762ab94fb23f106faaeb7151d2c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: B.CcmElMEkigZNLSR25YyFMppGqP.Kq4
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:03 GMT
x-amz-request-id: Q2ZXGG1HQ2W78S5B
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 10
x-amz-replication-status: FAILED
content-length: 50280
x-amz-id-2: c/qwR04qstTcP91iiRjajpsZ3tbdkINEwNB53Wk/WDxP0Eu5glyRc4vupjcofaRTx5XhNWIhESI=
x-served-by: cache-lis1490045-LIS
last-modified: Wed, 02 Aug 2023 20:15:59 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026384.729304,VS0,VE169
etag: "3d9ad73054f2de26d2c07a08ab25d01d73679e5e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 16
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1399ms
537ms Script
text/javascript 52.68.208.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.208.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-208-5.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 114113a1f50b0fe0dc53192fffec0a92343cd9bbd00450cf51bd79e92a6eb8bf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 185ms
71ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1691026384.cdn4-pxy206-mad02.ma1.evs,1691026384.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET c551ea16aaf509fee6d1a76cd1775f0d.jpg
static.bg3.co/imgs/202105/ 0
0

GET d6286253c0c3cd0698be1eefd816f697.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4c97bbc4dbd215a5be14f5e0e14fbbbe.jpg
static.bg3.co/imgs/202105/ 0
0

GET 0171372aec62c33b35e6a6e435e74b53.jpg
static.bg3.co/imgs/202105/ 0
0

GET 068840923bff05c660b1cca4ef198a70.jpg
static.bg3.co/imgs/202106/ 0
0

GET d8598427ae65404b15fd2dc290a0de5e.jpg
static.bg3.co/imgs/202107/ 0
0

GET 54af48081daf213b9c79f57917e63b9a.jpg
static.bg3.co/imgs/202106/ 0
0

GET d2de8889fe086b99f2ab96e0b3aae07a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 97f36ac916548a93f30ca1ff42756527.jpg
static.bg3.co/imgs/202106/ 0
0

GET d1122fbf1bf9fb3b717a56ff917d98ac.jpg
static.bg3.co/imgs/202105/ 0
0

GET 3aeb6781d2b977781894fde482af1229.jpg
static.bg3.co/imgs/202105/ 0
0

GET 42c499e3338770565a54ce77a437e716.jpg
static.bg3.co/imgs/202105/ 0
0

GET 67cc44b7654093b3b15c78fb1340bb9f.jpg
static.bg3.co/imgs/202105/ 0
0

GET d50f98103d11185fa4d06e5cd25b6ec7.jpg
static.bg3.co/imgs/202105/ 0
0

GET b489f1799fe0e69eab212affd8f812d8.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8692b7c910b6e4a622612dd189259743.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8ba165abaff927020f315d99a98a4551.jpg
static.bg3.co/imgs/202105/ 0
0

GET 07ae5f15684617fab5f7ccb68c1c34ab.jpg
static.bg3.co/imgs/202106/ 0
0

GET 2f2dcc1fef8e7bc91ca6a5d20dc2f69f.jpg
static.bg3.co/imgs/202105/ 0
0

GET e1bbc87800ebcf383281fea860ed9986.jpg
static.bg3.co/imgs/202106/ 0
0

GET 6207e745a154ad679b39a489ab3f0372.jpg
static.bg3.co/imgs/202105/ 0
0

GET 10eb172e99ff5cda92c5b1075b557e62.jpg
static.bg3.co/imgs/202105/ 0
0

GET baf64a2d9d5a33edd9885f859f5c754b.jpg
static.bg3.co/imgs/202104/ 0
0

GET c5111c0d7241d2dfa91249f00fe92919.jpg
static.bg3.co/imgs/202106/ 0
0

GET 901313a0a8a5bb30790cae8388958206.jpg
static.bg3.co/imgs/202107/ 0
0

GET e76d398038713e683d909f92c5537cb0.jpg
static.bg3.co/imgs/202105/ 0
0

GET 08c949c5795efb58265b5409a3891ffa.jpg
static.bg3.co/imgs/202112/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 8 KB
3 KB 246ms
90ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

7aabf43feb1a7fc3ab72a0e668ed7a2270a372e6302e3d9c597276da6688b669

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:48 GMT
age: 105376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3024
x-xss-protection: 0
server: sffe
etag: "d7a7f0b16a50c91a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:48 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 82 KB
23 KB 225ms
74ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

3973cb55df9a5b6cb4455c50724a1bd7085b4ef8b1006996def9d92436c4e732

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 105378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23146
x-xss-protection: 0
server: sffe
etag: "1ad3966f9ca1cb05"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 2 KB
777 B 240ms
82ms Fetch
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

63e72d83ce6dbb309f558caa866bd2de5ce84550846247017800ea249b451975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 13 KB
4 KB 235ms
87ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

120d6f4483a00a7bccde9737c262e1085fb41e91ac401ec44ec4faf16ecceab6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:48 GMT
age: 105376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4005
x-xss-protection: 0
server: sffe
etag: "3d50c9c2d991323a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:48 GMT

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
109 B 39ms
39ms Image
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=app-install-height-v1_ctrl
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490045-LIS
date: Thu, 03 Aug 2023 01:33:04 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1691026384.062428,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 impl.20230724-22-RELEASE.js Show response
cdn.taboola.com/libtrc/ 789 KB
164 KB 39ms
39ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230724-22-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2e45d1306e6036820958c5dea9a4a3e90c316e3ea21b7a4020cc8af091bda782

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NAg5Yqr76Zd4I.KcR75jzuxIfKPIPQ4V
content-encoding: br
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: B6M9DF5V5SR6A91Z
age: 26016
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167156
x-amz-id-2: MzZXQ3SvSKke99+NX6pwUOeaxtF1mlHmFKbSXeXlUQYfC+jM97DIX11TqApDzfwRha7Eh6PqS+Y=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:01 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026384.091670,VS0,VE0
etag: "8b01d866324fe1fe44209167316389b0"
vary: Accept-Encoding
content-type: application/javascript
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 66ms
65ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1691026384.cdn4-pxy206-mad02.ma1.evs,1691026384.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 84ms
83ms Image
image/jpeg 193.108.153.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1691026384152
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-15.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 01:33:04 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Thu, 03 Aug 2023 02:33:04 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 263ms
93ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691026384321_389467673_287151873_54_969_35_0_146";dur=1
content-length: 122286
expires: Fri, 02 Aug 2024 01:33:04 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
560 B 191ms
91ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691026384408_389467673_287151875_42_915_35_0_146";dur=1
content-length: 211
expires: Fri, 02 Aug 2024 01:33:04 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 192ms
93ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691026384408_389467673_287151874_48_950_35_0_146";dur=1
content-length: 18371
expires: Thu, 03 Aug 2023 02:33:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 307ms
127ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

da25b339479e7c7eb79fa0d42dd011348897ada0b0ca4660dfe5c39ac96bef7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28018
x-xss-protection: 0
server: cafe
etag: 796 / 19572 / m202307310101 / config-hash: 14132395313572441401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:04 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 261ms
85ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTEwMjYzODQyNjgsInBhY2tldElkIjoiMDAwMEE3MDEtODRiYjI4NjAtMmVjZC00NjllLWIwNWEtNjUzMGEyZDUyMzRiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21laS1yZW4teXUtemhvbmctamkteXUtZ2FvLXB1LWd1YW5nLWx1by16aGkteGlhbmctZG91LXpoYW5nLXl1LWppYW8tYmktbGluLXl1bi1xaWFuZy1qaW5nLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IlBUIn0%3D&c_b=2311.900001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:04 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 263ms
86ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:04 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 298ms
112ms Script
application/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

ESF /

Resource Hash

6bf122b7054e352794e08cd127c0c3fe32ecc2a258bde31001745898fbef7cce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fn0aZETdIoVXXfXwehSMLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-fn0aZETdIoVXXfXwehSMLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 226ms
62ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230724-22-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 182350
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 70 KB
18 KB 396ms
390ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=01%3A33%3A04.342&lti=app-install-height-v1_ctrl&data=%7B%22id%22%3A320%2C%22ii%22%3A%22%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690996095317%2C%22vi%22%3A1691026384338%2C%22cv%22%3A%2220230724-22-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A12449%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html%22%2C%22vpi%22%3A%22%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3390%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3114.765625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22app-install-height-v1_ctrl%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230724-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b1841d6496b396b8024af92c18c36747efb0724510ac8a61244abe15e9213de

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 351
date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 102799
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490045-LIS
server: nginx
x-timer: S1691026384.368550,VS0,VE351
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 40 KB
10 KB 76ms
74ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

813259c2c1f1d3b42d9a6749d793fcc4d9cdf352160fb907c41a0e71c2de0b9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 105378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10409
x-xss-protection: 0
server: sffe
etag: "1f8c29a54f975295"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 213 KB
56 KB 75ms
73ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

7aeb79f60a16395b0f980556f6421e611710f447efd99ad7072d88eb4cb5f94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:17:37 GMT
age: 105327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57602
x-xss-protection: 0
server: sffe
etag: "fbb020b0835c67fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:17:37 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
620 B 50ms
49ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5042
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOFlU5ktrkzvw49OuRLc8mJ%2FoVZYmuEzer%2BHbV%2B9pH1g%2Fuj4bV4cC5kX5KtnnYCIXagQ1fCR8tZDHvPuh%2B3m1fYv19v6v9dwBogW9RWgKn1moxZ9o%2B6IILvMmDHMp8yzyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0acf76bb2694f4-LIS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 609ms
151ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6a0411e2bb54a0b2b42b10c4fee4143f56225dedc3d760c3200a33c2dac75aa0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:04 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 577ms
139ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6a0411e2bb54a0b2b42b10c4fee4143f56225dedc3d760c3200a33c2dac75aa0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:04 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 496ms
208ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4110496254209717&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:04 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 496ms
210ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.8013074661518573&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:04 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 311ms
99ms Script
application/javascript 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 10 Aug 2023 01:33:04 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 110 KB
31 KB 85ms
84ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

195251f734458153a0d5d070fc3439725d825ecea5bf2d10e2200f54072c36ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 105378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32170
x-xss-protection: 0
server: sffe
etag: "363d8deba5bba0d7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H2 200 nameframe.html
d-13269575093767967297.ampproject.net/2307212240000/ 0
0 281ms
91ms Other
text/html 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-13269575093767967297.ampproject.net/2307212240000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/ 398 KB
126 KB 86ms
85ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49141
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129139
x-xss-protection: 0
server: cafe
etag: 14350311164880230944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Aug 2024 11:54:03 GMT

GET
H2 200 floating-unit.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 40ms
40ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 312f5d3b3452d422d91f54a1cd9eac5eb7803b6271bd0872fafd331f761d46db

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .z3VIvVjrAFjFEY1_Nnqe6CLfuPvY2OA
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: FNGQ0SB1Q9Y73MK2
age: 752826
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2474
x-amz-id-2: B4aTLziu2sXtmY21sXs4U/3ueUcQK1RRUmqM8NVTukWHdfudDShGNmapv/M6zlrJkJvdcoxdukc=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:13 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.818013,VS0,VE0
etag: "af134eac1fc5cdb2b55c8f9e66d6fa83"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1678

GET
H2 200 taboola-vignette-new-scanning.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 40ms
40ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5df96f02ec095309b81f3c463f2ea906121d8cd95b1fe3b6472a50d0f40bb6ea

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: U0mFtUg7AVzjKThK_xc3tpZ2eH2kX8cl
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: M5Z6CVMMZMDAJMM1
age: 753054
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 8011
x-amz-id-2: KBfi2MDvWiFJluQqrqgrgP5dhXikCt+uvL6gJgc/6ulIL2b8neAWoQzlBq+Pw95oaf4s2P4Kplw=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:33 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.818939,VS0,VE0
etag: "c94ba3d5ec8870b80ecd728c5d674e23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 13
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 966

GET
H2 200 distance-from-article.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 41ms
41ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac9b3fd5d4536e08e84286e2b1609fd556d061553dead32c4006972865a203ca

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pmlfxaMkf58F3bbfTrW8Vi5_AH_f6mND
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: M5ZB9N1HT64JMCFM
age: 753054
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1133
x-amz-id-2: hMF8rvVjeMc4HT6eNahjwNyld9emtClXfO6n0umfXvVA5B89hrpuiwF3cetKddUZMCbnSdi9OkE=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:03 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.834120,VS0,VE0
etag: "6b9013efce25433599ba6a0e22aeef1e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 9271

GET
H2 200 article-detection.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 43ms
42ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db3a22d233f4e5bb4e6b74af67901d56e31ff5328343887ae30ad57644431c7b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: R40ksh3B7bPV6wMBqsnV_._1Mpc07jKh
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: M5Z0SWVH3RCJW8C5
age: 753054
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1272
x-amz-id-2: /aXUYJclyEX3kBjfo5tJr75TRlPGWvNk2WwAv/NuVRVpEtaJWvGC4nSi5sKxTdQopoz1td6oXEQ=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:13:55 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.834286,VS0,VE0
etag: "5663bd751c54ed7f89cbc5540c9743fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 79
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 9226

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.7/ 123 KB
35 KB 49ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230724-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a6bceccdad3831c446c41d3f3eccf4753b5646b9205cda82960bb4dcd2249a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:04 GMT
via: 1.1 592fdb72142153f4ac204b48e22d9036.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 156361
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35439
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 01 Aug 2023 06:05:58 GMT
server: AmazonS3
x-timer: S1691026385.838301,VS0,VE0
etag: "d79f8f745c3d1249268e49970ed0fc7f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: KOWJJMeYFYLJkcsgF4dr1c4FFPPSo8rNpNZ1jnvZD8XA5TQGZY6YvA==
x-cache-hits: 5550

GET
H2 200 feed-card-placeholder.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 46ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22c151a9591ffc0b492181d688621885c48a0ad53b3a18fa52d26956b0efd503

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9qdrIbJWAPrK9zwI4NyBNEgS.i.DMgbM
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: M5Z0ZG60PG619GH1
age: 753054
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1262
x-amz-id-2: 9jD614f6cxqH84L1Qwevt7wx7UYjHh/1aeBsndqKRlYiVcXM1H9IR6u4+m4PxiYf2Um1JHrnX4k=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.838141,VS0,VE0
etag: "7272a73243bcb9891c2591057b61167d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 79
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 6512

GET
H2 200 userx.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 47ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9949829e50fa7f7b67af64827ca019aa4a50fff98b7a5506b66828a4d5e10b30

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sxTPZR8hVorXaaAcL3Bgj9VFE_fa2LFP
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: 2PCWX5J5QXDAM33R
age: 753015
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5399
x-amz-id-2: TrswsRWrx5PlP2qZAvhtrzak+DkPGRilsAvyP0dHNdnRdkhCXCeM+G3PB0Dxc7JRdon3soeigdY=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:36 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.845521,VS0,VE0
etag: "3ef6e257f807e0b8bf6d8f9d45d10ffc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 94
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 855

GET
H2 200 explore-more.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 41ms
40ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 778e25c0fb0646d0a3caf051fec93045137cd3a39eaa05061edcb1de17e9ee5d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: W72AHKHkQuX7UXxwNjv6hILyUK8QMkem
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: M5ZB05KX3785EAYK
age: 753055
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 8778
x-amz-id-2: MJT/n/1k0VEfpPMhsQcNhkXgwwg0xZc4bdYAgpN6E+JE8BPOMACIxgWlCIIvzOdePkhR4/gmuhE=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:06 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.861672,VS0,VE0
etag: "765ff6026a5db4460ec403c27779e216"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3935

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 902ms
127ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=01%3A33%3A04.798&id=7451&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 903ms
128ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1691026384799%7D&tim=01%3A33%3A04.799&id=8084&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 902ms
128ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1691026384807%7D&tim=01%3A33%3A04.807&id=7&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 901ms
127ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A33%3A04.842&id=3171&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 897ms
124ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.845&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6246&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 898ms
125ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.847&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=7117&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 129ms
127ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.900&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4457&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 130ms
127ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.902&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2058&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 146ms
144ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.909&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3057&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 42ms
40ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:04 GMT
x-amz-request-id: 059ZEMN3RJ2RVDH8
age: 75
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uqp3/so7O5QYv3FWcpwAOgju02flQmqVEsjYqRmHIJMcvUuXH0zuWlPp4rIZfSi9EKtGo6/hebw=
x-served-by: cache-lis1490045-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.941341,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 82
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 12

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 147ms
145ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.967&type=usage&msg=New_CTA-event-1691026384967&llvl=2&id=125&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~5831013207509827443~~7XZrenaG575Wd%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 148ms
145ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.970&type=usage&msg=New_CTA-event-1691026384970&llvl=2&id=4133&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~5831013207509827443~~7XZrenaG575Wd%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 148ms
146ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.971&type=usage&msg=New_CTA-event-1691026384971&llvl=2&id=2890&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~7047992365424069980~~BOUYI5GpZ6a2r%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 149ms
147ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A04.972&type=usage&msg=New_CTA-event-1691026384972&llvl=2&id=5035&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~7047992365424069980~~BOUYI5GpZ6a2r%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 200 house.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/ 197 KB
198 KB 1601ms
1600ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/house.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e09e2eb7bfc87ad6c2f71e271e37ee4a95f7edcc24337f898f5131cf2873c26c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1520
date: Thu, 03 Aug 2023 01:33:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/house.jpg
age: 0
edge-cache-tag: 310034493214069822953314247849377690758,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310034493214069822953314247849377690758,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 1306
req-referer: https://www.bg3.co/
content-length: 201814
x-request-id: e8115323cabba3cdaa99efcfca3189f5
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200049-IAD, cache-iad-kcgs7200066-IAD, cache-lax10623-LGB, cache-iad-kcgs7200155-IAD, cache-lis1490045-LIS
last-modified: Sun, 30 Jul 2023 20:34:26 GMT
server: nginx
x-timer: S1691026385.011088,VS0,VE1520
etag: "bf916605704b4e1ea7bf9c9636a21012"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 house.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/ 105 KB
106 KB 133ms
133ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/house.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 404edfcda07a442d07e6c22ea8cd62ec602b410d4441f9452feae3665ee4137f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/house.jpg
age: 1517183
edge-cache-tag: 310034493214069822953314247849377690758,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310034493214069822953314247849377690758,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 234
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.walla.co.il/
content-length: 107362
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200054-IAD, cache-iad-kjyo7100103-IAD, cache-chi-kigq8000027-CHI, cache-iad-kjyo7100128-IAD, cache-lis1490045-LIS
last-modified: Thu, 15 Jun 2023 14:14:31 GMT
server: nginx
x-timer: S1691026385.012091,VS0,VE91
etag: "49d1e7ebd9c67f248a45f900d452f2b9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 0

GET
H2 200 d7d472b2ddc99165fd0fcaa05c75176b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 45ms
44ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 75121139206ffbc6b85233db0520027d3cf8dff5c6c2ef536302048d342052c4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
age: 1515701
edge-cache-tag: 404254293889025526933557156616791063751,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 404254293889025526933557156616791063751,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 162
req-referer: https://www.fcinter1908.it/
content-length: 22260
x-request-id: 6eb3a250269198dbb02aaa00ccb35a4f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200118-IAD, cache-iad-kiad7000067-IAD, cache-lga21976-LGA, cache-iad-kiad7000063-IAD, cache-lis1490045-LIS
last-modified: Fri, 16 Jun 2023 18:52:41 GMT
server: nginx
x-timer: S1691026385.015514,VS0,VE1
etag: "fbfbeac49fa04da07e7bc3c3b9c887fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 1, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
20 KB 40ms
40ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7490e1067081974b8a0d835b0328c212ede192a2da2dff3fbbe2a48fe73884f0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 4439648
edge-cache-tag: 628131638865840138074933382416259481994,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 269
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 19996
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000172-IAD, cache-iad-kcgs7200101-IAD, cache-sna10740-LGB, cache-iad-kjyo7100122-IAD, cache-lis1490045-LIS
last-modified: Tue, 06 Jun 2023 16:33:28 GMT
server: nginx
x-timer: S1691026385.045943,VS0,VE0
etag: "e254ef15e2faa87a554831d026d4aa92"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1017, 21

GET
H2 200 old-garage.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/ 76 KB
77 KB 42ms
42ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/old-garage.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c09fcb11840d38e862d0f31b0a252007826f270ad78998d8f4f5321469bbefc2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/old-garage.jpg
age: 445921
edge-cache-tag: 449543832267125988629336057582270550424,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449543832267125988629336057582270550424,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT
fastly-restarts: 1
content-length: 77586
x-request-id: 2126c15a1e84fb0b5dd4a9318c09e38e
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kiad7000137-IAD, cache-iad-kiad7000137-IAD, cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 16:35:41 GMT
server: cloudinary
x-timer: S1691026385.060895,VS0,VE1
etag: "d451b4ce0f2f66a01acbc122fe734af5"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 3a37e8e32d93c981998b5da1357e22f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
22 KB 41ms
41ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3a37e8e32d93c981998b5da1357e22f8.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf5f136d6133046374dbe85acf45474da9fdf91d685eaa5c3557025243f97644

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3a37e8e32d93c981998b5da1357e22f8.jpg
age: 906532
edge-cache-tag: 488149982841320959024241238406863413705,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 488149982841320959024241238406863413705,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 435
req-referer: https://www.express.de/
content-length: 21830
x-request-id: b868fb9580b27bd53e459a140a3ec4c3
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200056-IAD, cache-iad-kiad7000162-IAD, cache-lga21965-LGA, cache-iad-kjyo7100140-IAD, cache-lis1490045-LIS
last-modified: Thu, 20 Jul 2023 16:27:19 GMT
server: nginx
x-timer: S1691026385.089583,VS0,VE1
etag: "b12bd49bd88d445af1d4601f14696aba"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 47, 1

GET
H2 200 1e24f810ab7a757ed1c10c8e8c889a3c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
21 KB 49ms
48ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e24f810ab7a757ed1c10c8e8c889a3c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2dfe27b88ffa0378bb53d1ad5e1f656d05adb0604b53fdd72ef341160b069c60

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e24f810ab7a757ed1c10c8e8c889a3c.png
age: 3863451
edge-cache-tag: 553977694258997927529468991631023962030,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 553977694258997927529468991631023962030,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 133
expiration: expiry-date="Sat, 15 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://sandesh.com/
content-length: 20796
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000092-IAD, cache-iad-kiad7000050-IAD, cache-chi-kigq8000078-CHI, cache-iad-kjyo7100037-IAD, cache-lis1490045-LIS
last-modified: Wed, 14 Jun 2023 04:59:58 GMT
server: nginx
x-timer: S1691026385.112658,VS0,VE1
etag: "62529dff8a1ce422e4f0b7c811a586c9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 2364, 1

GET
H2 200 house.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/ 114 KB
115 KB 48ms
48ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/house.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5aa69f0db0c2952fa2aa02cd6673001e86bfd7e62315a3af9d51c8b972544e23

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/house.jpg
age: 3124263
edge-cache-tag: 310034493214069822953314247849377690758,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310034493214069822953314247849377690758,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 1308
expiration: expiry-date="Tue, 18 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://theseniormag.com/
content-length: 116314
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200063-IAD, cache-iad-kjyo7100102-IAD, cache-lax10666-LGB, cache-iad-kcgs7200093-IAD, cache-lis1490045-LIS
last-modified: Sat, 17 Jun 2023 08:40:05 GMT
server: nginx
x-timer: S1691026385.132737,VS0,VE1
etag: "33a992675327d93b1ab62c7c57b973aa"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 1, 1

GET
H2 200 d7d472b2ddc99165fd0fcaa05c75176b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 48 KB
49 KB 53ms
51ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3665aacaceaa4bcc670183736fe655c0767bbc33c088e2c2a4c49cf932e3cb00

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
age: 4222721
edge-cache-tag: 404254293889025526933557156616791063751,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 404254293889025526933557156616791063751,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 249
req-referer: https://ballercap.com/
content-length: 49630
x-request-id: 0e8b49cf34380a985099272ae3b4beea
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200118-IAD, cache-iad-kiad7000067-IAD, cache-chi-klot8100067-CHI, cache-iad-kcgs7200105-IAD, cache-lis1490045-LIS
last-modified: Tue, 16 May 2023 15:27:56 GMT
server: nginx
x-timer: S1691026385.178902,VS0,VE0
etag: "fbfbeac49fa04da07e7bc3c3b9c887fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 129

GET
H2 200 old-garage.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/ 70 KB
71 KB 59ms
56ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/old-garage.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 32dc9979083578f034282905b0bce2b9e71382fbd680a9f7ce92f47116fbba9e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/old-garage.jpg
age: 4091630
edge-cache-tag: 449543832267125988629336057582270550424,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449543832267125988629336057582270550424,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 250
req-referer: https://www.ouest-france.fr/
content-length: 72036
x-request-id: 5fd29b0926ed7991f0074369aea78b55
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kiad7000092-IAD, cache-lax10636-LGB, cache-iad-kiad7000043-IAD, cache-lis1490045-LIS
last-modified: Mon, 22 May 2023 17:17:19 GMT
server: nginx
x-timer: S1691026385.178961,VS0,VE1
etag: "da51a0b0999869267791ec159eb77ed2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 1, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 69 KB
70 KB 63ms
62ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 4095275
edge-cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 399
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 70920
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kjyo7100036-IAD, cache-sna10723-LGB, cache-iad-kiad7000022-IAD, cache-lis1490045-LIS
last-modified: Tue, 06 Jun 2023 13:58:16 GMT
server: nginx
x-timer: S1691026385.203844,VS0,VE1
etag: "1c90d421946f35c8a49a65461da750a1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 797, 1

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8719 92 KB
32 KB 252ms
97ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

adca2f060e122a2e91558d2092a7b9cfcc9290ed24751a5d3ea391db6f8ed53c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32758
x-xss-protection: 0
server: cafe
etag: 10563041508537748726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:05 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0142 92 KB
32 KB 298ms
147ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a9259dff6cfde73b43435e96b80eded7ce9a880c8505f0f372035c3665f7768e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32846
x-xss-protection: 0
server: cafe
etag: 1261743579409983216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:05 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/ 2 KB
886 B 80ms
75ms Fetch
application/json 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:43 GMT
age: 105382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "04ae58ebce20b996"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:43 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 684ms
56ms Fetch
application/json 172.64.165.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.165.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20506
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 19:51:19 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9JrvIjrKp99Jb%2FEZV3qrzIHbE2N53CmklSV8eFFlCE6yh86esch7A5LYo5Iv6kY0LFgKbUVuLu1BinmwCAZGZLPEfH6jCMe%2Fm1Dme%2FUV%2FThAS3OtpV8IvDuvm5lO%2BJ844ObvZySZRu3BWBJJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7f0acf7e993ed665-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/ 3 KB
956 B 73ms
73ms Fetch
application/json 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:43 GMT
age: 105382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "1e21a00c5f0706dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:43 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
635 B 548ms
76ms Script
application/javascript 18.66.97.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:17:16 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 5zRfMrTx2B52tYxDTCMFAVNM3KBdc0EPqW1AyL5Q7bcnENRuAXhDZg==

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 6F42 714 B
777 B 58ms
58ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 5310
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f0acf7aec1a4894-LIS
content-encoding: br
content-type: text/html
date: Thu, 03 Aug 2023 01:33:05 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUUCPEm5%2FMjj%2F7Krp3jdcps3uLP0QmwM87NwK37Ie7JkWJoYenXJK%2BH8K9ZjXkXWRLMS8M7BHG0GF6AyRGNpPGq%2BiHiVQiUdYUO%2F50vZp4pd3e85peEIiLiSmODcTVGpug%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0E72
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

255ms
78ms

Document
text/html

23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 01:33:05 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 03 Aug 2023 01:33:05 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 434ms
146ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:05 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 9733 714 B
740 B 69ms
69ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 5310
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f0acf7afc254894-LIS
content-encoding: br
content-type: text/html
date: Thu, 03 Aug 2023 01:33:05 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSwCga6aGuIdWq0SM24ZKzhf3rskZxZNX5R6ZdErMRqVeeRQ%2FSm5T8N2wQ9jTssLIg66ho%2FCLe%2FK9zAQgybFUsgBF4pZaZrJ4UtdK4N71uSMrVvq4F%2FJWGqB4zb2FQ83zw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5407
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

254ms
77ms

Document
text/html

23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 01:33:05 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 03 Aug 2023 01:33:05 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 next-up-widget.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 55ms
54ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b716ca55d75d073ff68df99fc2cc8b7b2ddf87dcd2a7886300d76c682bf0c83b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cSPu74pyT0LS0RHLLim27RvjvGI.Pl4r
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:05 GMT
x-amz-request-id: FNGXNWSWHC2BAFHK
age: 752827
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4624
x-amz-id-2: Kli8EAqAkvE1ckIcd4b8HbjOgjz875DZt1EzoA4EcLocEpmGNvhlPtr26/enOd18x4dCPyN6tQA=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:17 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.125282,VS0,VE0
etag: "f00f34555426dc6aaf08f6c8c1130234"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1636

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 194ms
192ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1667%7D%22%2C%22eventTime%22%3A1691026385265%7D&tim=01%3A33%3A05.265&id=2733&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 150ms
148ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A33%3A05.279&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=699&cv=20230724-22-RELEASE&lt=app-install-height-v1_ctrl&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85803

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 476ms
87ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230724-22-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 23:54:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Aug 2023 01:33:05 GMT

GET
H2 200 spa-detector.20230724-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 61ms
60ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230724-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e8609ac3b8fde7662ac69a8ce09a1422f8d8daf634a7836d75bff5b39c61faf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 65nrvxZjnVQPUK1zRAdxqVBabxs9Znns
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:05 GMT
x-amz-request-id: WPZJKQXMKHX9E5KG
age: 753051
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 810
x-amz-id-2: 9lHI6rZwMNtEmDWJzxNGPThHZx+lO2YtCVTumLHbVqkZDVXJS8NOesOdhl+Y4kU5Q3whJvAw/9Y=
x-served-by: cache-lis1490045-LIS
last-modified: Tue, 25 Jul 2023 08:14:24 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691026385.355121,VS0,VE0
etag: "2e5354e85b0d84736a034c2feb4e5736"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4075

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 195ms
193ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A33%3A05.293&id=8583&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 196ms
194ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1691026385308%7D&tim=01%3A33%3A05.308&id=2046&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 196ms
194ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A33%3A05.311&id=4793&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 198ms
196ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1691026385313%7D&tim=01%3A33%3A05.314&id=9972&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 445ms
79ms Script
text/javascript 23.37.226.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 511ms
302ms Script
text/plain 108.138.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MTAyNjM4NF8xX2JmOWEwNmE0ZmM2MQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Aug 2023 01:33:06 GMT
Via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: z6N9g3OrRxuTVpVZq3qVQvHoq0XS-B-BdZuGZQSKoPya_pkash587w==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 421ms
84ms Fetch
application/json 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 199ms
197ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=app-install-height-v1_ctrl&ri=e0f6c77a8f79f9b294082cff5b257891&sd=v2_0a9708c7e5bf4902030db6727f23e426_e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950_1691026384_1691026384_CNawjgYQ2YJdGNLLm8ibMSABKAEwswE4hNQMQOfWDEiFz-IDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&pi=/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&wi=-5563439619125673496&pt=text&vi=1691026384338&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.765625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A33%3A05.382&id=3655&llvl=2&cv=20230724-22-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/ Frame 8719 371 KB
125 KB 133ms
133ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_fy2021.js?bust=31076701

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

42d12985e4e2496cf02cb17f392c1c621764b222ec223013e37cda04d96b15ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128247
x-xss-protection: 0
server: cafe
etag: 3139746685619675433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:05 GMT

GET
H2 200 house.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/ 11 KB
12 KB 40ms
40ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/house.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 88df65a6415b8df0c9a7cd4dd874368a3d00f22b2e37d165158fc0fb7b948d2b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/house.jpg
age: 999459
edge-cache-tag: 310034493214069822953314247849377690758,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310034493214069822953314247849377690758,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 399
req-referer: https://mejorconsalud.as.com/
content-length: 11290
x-request-id: 905cd6627d6f9ca23cfc9985cf0f0d0b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000106-IAD, cache-iad-kjyo7100164-IAD, cache-lga21953-LGA, cache-iad-kcgs7200118-IAD, cache-lis1490045-LIS
last-modified: Thu, 29 Jun 2023 12:47:38 GMT
server: nginx
x-timer: S1691026386.772341,VS0,VE1
etag: "75140c63d951950fc3e87e0cabb03d2c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 d7d472b2ddc99165fd0fcaa05c75176b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 52ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02e0876345c1eb93793970c6625afc5cbd68044ee2504ddf875c1f6dd82e6abd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
age: 2613857
edge-cache-tag: 404254293889025526933557156616791063751,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 404254293889025526933557156616791063751,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 90
expiration: expiry-date="Fri, 21 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sportnews.eu/2023/07/02/carolina-stramare-costume-perde-stoffa/
content-length: 6752
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100090-IAD, cache-iad-kiad7000092-IAD, cache-lga21935-LGA, cache-iad-kcgs7200148-IAD, cache-lis1490045-LIS
last-modified: Tue, 20 Jun 2023 10:26:24 GMT
server: nginx
x-timer: S1691026386.790094,VS0,VE8
etag: "a29c6a05e160865a3779599e931968bb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 7, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 42ms
41ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf90fafe87467629de54d30ad2a7aa91d751f4aa2e734d20c0f4d5211455fcba

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 2635466
edge-cache-tag: 628131638865840138074933382416259481994,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 195
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.jnportugal.com/
content-length: 6196
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kiad7000029-IAD, cache-sna10730-LGB, cache-iad-kiad7000025-IAD, cache-lis1490045-LIS
last-modified: Tue, 06 Jun 2023 15:55:33 GMT
server: nginx
x-timer: S1691026386.814121,VS0,VE1
etag: "4dacb31c72359ff4d305c3c8787a1e5c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 318, 1

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/ Frame 0142 367 KB
125 KB 129ms
129ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ba1573e71010ae0e7c093f3613ca3c79aa73f9afddd397cbc592e62e90a85197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127871
x-xss-protection: 0
server: cafe
etag: 3123904553198534991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:05 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 2133 577 B
427 B 88ms
81ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&cmcv=&pix=undefined&cb=1691026385549&uv=3312&tms=1691026385549&abt=id5mc_vA!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c1f61cc3-0971-428f-9ec3-ed553fe40139&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 89c98a9c7a8afa4a8d27441e2fe85c2928d71021e4ed4a10cc53a5f3167a88d1

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 03 Aug 2023 01:33:05 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490045-LIS
x-timer: S1691026386.695176,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6682 439 B
534 B 250ms
78ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6776b347156d0a2704147cabdea67ae468aa98cd410c0e9f0d94b7ba580055b5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 03 Aug 2023 01:33:05 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
784 B 117ms
116ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691026385554&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1536&pt=1142675792&tz=0&viewable=true&ddast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=id5mc_vA!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 561a5bbef435b3225bcfc01da06de59c4ca0cb94f4f9eb0210b4f6c7c467524b

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1478
x-cache: MISS
x-served-by: cache-lis1490045-LIS
pragma: no-cache
server: nginx
x-timer: S1691026386.575040,VS0,VE75
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 271ms
89ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&cmcv=&pix=31589837&cb=1691026385549&uv=3312&tms=1691026385549&abt=id5mc_vA!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1691026381957.4!ts:1691026385548&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-length: 0
server: nginx

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 480ms
162ms Fetch
application/json 3.233.146.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.146.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-146-33.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvbWVpLXJlbi15dS16aG9uZy1qaS15dS1nYW8tcHUtZ3VhbmctbHVvLXpoaS14aWFuZy1kb3UtemhhbmcteXUtamlhby1iaS1saW4teXVuLXFpYW5nLWppbmcuaHRtbA==.json Show response
cdn.adpushup.com/42753/ 555 B
875 B 449ms
448ms XHR
text/html 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvbWVpLXJlbi15dS16aG9uZy1qaS15dS1nYW8tcHUtZ3VhbmctbHVvLXpoaS14aWFuZy1kb3UtemhhbmcteXUtamlhby1iaS1saW4teXVuLXFpYW5nLWppbmcuaHRtbA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 01:33:05 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=361, ak_p; desc="1691026385599_389467673_287152114_36617_1041_40_0_219";dur=1
content-length: 555
expires: Thu, 03 Aug 2023 02:33:05 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6F42 80 KB
27 KB 108ms
101ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a9bcfeccdabb2efe79ca4269a4576b47b3b40beb028358830eb27948af064206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27699
x-xss-protection: 0
server: cafe
etag: 434 / 19572 / 31076660 / config-hash: 14132395313572441401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:05 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9733 80 KB
27 KB 162ms
156ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

16115dffdacfd399af1f392baf830a8ea41570cd9370921eb681ca8d622ac043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
server: cafe
etag: 203 / 19572 / m202307310101 / config-hash: 14132395313572441401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:05 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_1_2/infra/ 889 KB
148 KB 140ms
50ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_2/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690722136
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 0T3HRDMBQQR05FBF
age: 304122
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690722136
x-amz-meta-mode: 33188
content-length: 150941
x-amz-id-2: K7TTnu6K4ezeBBWw0Eyx9R4jUpfDdAyP214jm8GbTlbckKP067mFnGSJWPkopRwBSyj5QXstOic=
x-served-by: cache-lis1490025-LIS
last-modified: Sun, 30 Jul 2023 13:02:17 GMT
server: AmazonS3-br
x-timer: S1691026386.927102,VS0,VE0
etag: "2653a0c8d7fe85b3a9f7075f29ed0624"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 74990

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_1_2/assets/css/ 60 KB
8 KB 40ms
39ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_2/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690722155
date: Thu, 03 Aug 2023 01:33:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 0T3MPNK4KFB990N2
age: 304122
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690722156
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: rKTWYYaRJmcr+RqRjjpuoIN8zph9Ys/PCs8yO/fKkGxJJanReeNFae7oCjI9idUrDb18LFPKetc=
x-served-by: cache-lis1490045-LIS
last-modified: Sun, 30 Jul 2023 13:02:37 GMT
server: AmazonS3-br
x-timer: S1691026386.723516,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 88891

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0142 379 B
599 B 238ms
81ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f4bfdecca1d58211ad1f18ea135a7216922dff2f38001d9ab27820a20ecc4259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame C172
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169102...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

284ms
92ms

Document
text/html

18.66.97.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 83
content-length: 459
content-type: text/html
date: Thu, 03 Aug 2023 01:31:44 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-id: o3DHl6_cjD4s7vZrfjf3kloVltACOn2eLGWReTNym6Xd1WSvhqGCWA==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:06 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0142 15 KB
12 KB 91ms
87ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230731&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9486ff4441682f55116505a35570ee23d003129bc47cd124f4bc66f59617ab09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11754
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2133 70 B
265 B 266ms
89ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&cmcv=&pix=undefined&cb=1691026385549&uv=3312&tms=1691026385549&abt=id5mc_vA!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c1f61cc3-0971-428f-9ec3-ed553fe40139&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2133 43 B
426 B 268ms
90ms Image
image/gif 34.255.212.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&cmcv=&pix=undefined&cb=1691026385549&uv=3312&tms=1691026385549&abt=id5mc_vA!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c1f61cc3-0971-428f-9ec3-ed553fe40139&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.212.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-212-168.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 8719 379 B
314 B 274ms
117ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_fy2021.js?bust=31076701

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

79ec8273f7846029e24f21aa8dd8571dbf5ef42ea9c50933e7d838a876c9de12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 5CF1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169102...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

279ms
87ms

Document
text/html

18.66.97.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_fy2021.js?bust=31076701
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 83
content-length: 459
content-type: text/html
date: Thu, 03 Aug 2023 01:31:44 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-id: FfP2t58dseuI9UY3KQ9SoYskNLcEwim2Xc-4TbAn8xaCKLlGTxr2Zg==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:06 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8719 15 KB
12 KB 104ms
103ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230731&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_fy2021.js?bust=31076701

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c48591cdfc185a972b061eda640a0622c21df74c1cccc81c1867970e1e6d1567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11954
x-xss-protection: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 79AC 281 B
554 B 250ms
95ms Document
text/html 23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&cmcv=&pix=undefined&cb=1691026385549&uv=3312&tms=1691026385549&abt=id5mc_vA!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c1f61cc3-0971-428f-9ec3-ed553fe40139&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 01:33:06 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame E7EC 495 B
664 B 893ms
292ms Document
text/html 54.199.134.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.134.236 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-134-236.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Thu, 03 Aug 2023 01:33:06 GMT
etag: "64c9b429-1ef"
last-modified: Wed, 02 Aug 2023 01:40:57 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 50AD
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

143ms
83ms

Document
text/html

23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 01:33:06 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 03 Aug 2023 01:33:05 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H2 200 pixel;r=1520351868;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html;uh=e51ed67dfb8d91dc24b15e...
pixel.quantserve.com/ 35 B
371 B 96ms
93ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1520351868;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1724591069-1691026385079;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1691026385870;tzo=0;ogl=;ses=c0f142e3-72af-4552-9e42-45f1f58f6d76;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D5F 603 B
534 B 294ms
246ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-232488136613537022&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3290&oid=2&is_amp=5&amp_v=2307212240000&d_imp=1&c=735005027&ga_cid=amp-q7vc-ZJ-qKiUjZJr35OKew&ga_hid=5027&dt=1691026385477&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&bdt=1877&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:06 GMT
expires: Thu, 03 Aug 2023 01:33:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 83ms
83ms Script
application/javascript 23.37.226.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Thu, 03 Aug 2023 01:33:05 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0142 17 KB
7 KB 238ms
82ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 01:33:06 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ Frame 6F42 398 KB
126 KB 82ms
82ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 13:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42898
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Aug 2024 13:38:07 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 244ms
82ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E3%80%8A%E7%BE%8E%E4%BA%BA%E9%AD%9A%E3%80%8B%E7%B5%82%E6%A5%B5%E9%A0%90%E5%91%8A%E6%9B%9D%E5%85%89%EF%BC%81%E3%80%80%E7%BE%85%E5%BF%97%E7%A5%A5%E6%8A%96%E7%AB%A0%E9%AD%9A%E8%85%B3%E6%AF%94%E6%9E%97%E5%85%81%E6%90%B6%E9%8F%A1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-q7vc-ZJ-qKiUjZJr35OKew&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7981975291794863&gjid=0.10836922048857556&_r=1&a=5027&z=0.11814699034985598&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
106 B 221ms
83ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5027&cid=amp-q7vc-ZJ-qKiUjZJr35OKew&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&dr=&dt=%E3%80%8A%E7%BE%8E%E4%BA%BA%E9%AD%9A%E3%80%8B%E7%B5%82%E6%A5%B5%E9%A0%90%E5%91%8A%E6%9B%9D%E5%85%89%EF%BC%81%E3%80%80%E7%BE%85%E5%BF%97%E7%A5%A5%E6%8A%96%E7%AB%A0%E9%AD%9A%E8%85%B3%E6%AF%94%E6%9E%97%E5%85%81%E6%90%B6%E9%8F%A1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1691026386&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 458ms
67ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-q7vc-ZJ-qKiUjZJr35OKew&aip=1&sid=1691026386&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8719 17 KB
6 KB 105ms
104ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_fy2021.js?bust=31076701

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 01:33:06 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6682 70 B
264 B 97ms
96ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6682 43 B
425 B 98ms
97ms Image
image/gif 34.255.212.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.212.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-212-168.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 6682 0
125 B 1522ms
86ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/ Frame 9733 398 KB
126 KB 104ms
104ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49143
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129139
x-xss-protection: 0
server: cafe
etag: 14350311164880230944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Aug 2024 11:54:03 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
340 B 216ms
215ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=app-install-height-v1_ctrl&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230724-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 148
date: Thu, 03 Aug 2023 01:33:06 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 103050
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490045-LIS
pragma: no-cache
server: nginx
x-timer: S1691026386.037894,VS0,VE148
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 96ms
95ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6f045c77105449b9cf249a50595c8c18689dde73a28cc58badeff619316e09cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84569
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 03 Aug 2023 01:33:06 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 191ms
191ms Fetch
application/json 3.233.146.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.146.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-146-33.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5407 34 KB
10 KB 84ms
83ms Script
text/html 23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8394c49ee89ce9f45ce2ea337f1a86ff36a488bc7c97e0bafc9913a5dd10e37

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 10:04:37 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30693
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 03 Aug 2023 10:04:39 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0E72 34 KB
10 KB 152ms
95ms Script
text/html 23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8394c49ee89ce9f45ce2ea337f1a86ff36a488bc7c97e0bafc9913a5dd10e37

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 10:04:37 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30693
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 03 Aug 2023 10:04:39 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 1664ms
276ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H6WGDV3HKM1DVENSHYBDQFDD
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 03 Aug 2023 01:33:07 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 79AC 34 KB
10 KB 119ms
106ms Script
text/html 23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8394c49ee89ce9f45ce2ea337f1a86ff36a488bc7c97e0bafc9913a5dd10e37

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 10:04:37 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30693
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 03 Aug 2023 10:04:39 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 50AD 34 KB
10 KB 102ms
101ms Script
text/html 23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8394c49ee89ce9f45ce2ea337f1a86ff36a488bc7c97e0bafc9913a5dd10e37

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 10:04:37 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30693
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 03 Aug 2023 10:04:39 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 39ms
39ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 1865909
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490045-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1691026386.260876,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 266552

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/ 446 KB
84 KB 40ms
39ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690439347
date: Thu, 03 Aug 2023 01:33:06 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: A3N10TATEMVHA5QR
age: 586958
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690439362
x-amz-meta-mode: 33188
content-length: 85839
x-amz-id-2: YpLsidS2POsIKt23Ufq53o+kIa+03QWIhvzNyWX5RqYAx9tb3V1X7ZUuAJ8mMhdUUbsPS9EPyeA=
x-served-by: cache-lis1490045-LIS
last-modified: Thu, 27 Jul 2023 06:29:23 GMT
server: AmazonS3-br
x-timer: S1691026386.294184,VS0,VE0
etag: "b33cf048d4d632bd93b30c09e2201e4c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 194473

GET
H2 200 sync Show response
am-match.taboola.com/ Frame A289 577 B
671 B 78ms
78ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 89c98a9c7a8afa4a8d27441e2fe85c2928d71021e4ed4a10cc53a5f3167a88d1

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 03 Aug 2023 01:33:06 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 79ms
77ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&cmcv=&pix=31579697&cb=1691026386283&uv=3312&tms=1691026386283&su=3&abt=id5mc_vA!nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5407 284 B
536 B 370ms
73ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 40ms
39ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 03 Aug 2023 01:33:06 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 1460547
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490045-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1691026386.392173,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 485061

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
761 B 40ms
40ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 03 Aug 2023 01:33:06 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 18589
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490045-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1691026386.397081,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1470

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0E72 284 B
536 B 334ms
74ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 79AC 284 B
536 B 336ms
73ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 50AD 284 B
536 B 394ms
76ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A289 70 B
264 B 92ms
92ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950
pr-bh.ybp.yahoo.com/sync/taboola/ Frame A289 43 B
425 B 92ms
92ms Image
image/gif 34.255.212.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.212.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-212-168.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7892 13 KB
5 KB 84ms
81ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 18677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 20:21:49 GMT
expires: Thu, 01 Aug 2024 20:21:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7416 783 B
1 KB 489ms
82ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

4c706fa6891ab8ec3b09b2884c624b475844b5d3a2454142b731e551ad104664

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IBbjT8EhDLf9jgxRU2VfqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-IBbjT8EhDLf9jgxRU2VfqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:06 GMT
expires: Thu, 03 Aug 2023 01:33:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8EAE 13 KB
5 KB 81ms
78ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 18677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 20:21:49 GMT
expires: Thu, 01 Aug 2024 20:21:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 72FF 783 B
739 B 486ms
82ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

bcfec993b08befd1f4360a3b4672227540cfcc11168c96b2305eef106f1d1460

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NEFRVH8n-YhfuN_osnEUtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-NEFRVH8n-YhfuN_osnEUtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:06 GMT
expires: Thu, 03 Aug 2023 01:33:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7CD2 281 B
554 B 88ms
88ms Document
text/html 23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 01:33:06 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6F42 492 B
265 B 111ms
111ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3433421445597075&correlator=1026274673213112&eid=31076660&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1691026386615&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=krwuueenql4y&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1798366990.1691026387&ga_sid=1691026387&ga_hid=1175621792&ga_fc=false&dlt=1691026385664&idt=723

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5fa38a30072ad287ec4f9990462eb0b79b84d34b2c95588842a4db6d9693ce75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6F42 15 KB
12 KB 89ms
88ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

78effd20f3137c2a5f4e4926ad3c7f5cb4f3f5a7fa78cc1502f852753943ae58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11768
x-xss-protection: 0

GET
H2 200 container.html Show response
3383bcd698479106b9b9719547554826.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB18 6 KB
3 KB 291ms
87ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3383bcd698479106b9b9719547554826.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:06 GMT
expires: Fri, 02 Aug 2024 01:33:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 83ms
82ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37v0&_p=5027&cid=1611244418.1691026387&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691026386&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&dt=%E3%80%8A%E7%BE%8E%E4%BA%BA%E9%AD%9A%E3%80%8B%E7%B5%82%E6%A5%B5%E9%A0%90%E5%91%8A%E6%9B%9D%E5%85%89%EF%BC%81%E3%80%80%E7%BE%85%E5%BF%97%E7%A5%A5%E6%8A%96%E7%AB%A0%E9%AD%9A%E8%85%B3%E6%AF%94%E6%9E%97%E5%85%81%E6%90%B6%E9%8F%A1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 5CF1 31 KB
10 KB 164ms
48ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 16:36:44 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 32182
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 03 Aug 2023 16:36:44 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame C172 31 KB
10 KB 173ms
60ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 16:36:44 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 32182
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 03 Aug 2023 16:36:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9733 492 B
263 B 111ms
111ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=71588366882608&correlator=3701966194483421&eid=31072020%2C31076625&output=ldjh&gdfp_req=1&vrg=202307310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1691026386739&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=i2c1ybnvsyv0&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=456884027.1691026387&ga_sid=1691026387&ga_hid=1798561503&ga_fc=false&dlt=1691026385667&idt=767

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

dc2e935a1e0c8c9dda218fc1e166cda3b86ed878e45b6075bede348ccf7b17ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9733 15 KB
11 KB 91ms
90ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e4077dbb5f338c16febe543c4b1fc9d927c176ec63b7afbc7bfebbaaa77dcf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11744
x-xss-protection: 0

GET
H2 200 container.html Show response
0d469b5f813990d4faa67f6f8f54ed89.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 36D5 6 KB
3 KB 275ms
83ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d469b5f813990d4faa67f6f8f54ed89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:06 GMT
expires: Fri, 02 Aug 2024 01:33:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7CD2 34 KB
10 KB 84ms
84ms Script
text/html 23.38.81.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.81.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-81-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8394c49ee89ce9f45ce2ea337f1a86ff36a488bc7c97e0bafc9913a5dd10e37

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 10:04:37 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=30693
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 03 Aug 2023 10:04:39 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5407 0
239 B 303ms
75ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 478ms
478ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230724-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 01:33:06 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 2612
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490045-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1691026387.876188,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 13
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1133

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6F42 17 KB
6 KB 80ms
80ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 01:33:06 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame E7EC 0
268 B 292ms
292ms Script
text/plain 54.199.134.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.134.236 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-134-236.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:07 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9733 17 KB
6 KB 101ms
101ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 01:33:06 GMT

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 50AD 0
239 B 834ms
199ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7CD2 284 B
536 B 74ms
74ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7892 37 KB
14 KB 77ms
76ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8EAE 37 KB
14 KB 78ms
78ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 5CF1
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

58ms
58ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5046
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69A2IP13XmRUmfNdlfNCKPbK%2FHB3VUx21b89%2ByOQT6OneGXv7e%2B2z00Vz5jN9AR9X0atMPz8TJ2BRigb7Z5j2vzIbVsaNceVSgTQ43obh%2BXSU9cemrBg%2B%2BUHx5KZRcVvkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0acf8b7c0a4894-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame C172
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

49ms
48ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5047
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUcXluYx%2Be1qgyzPrd%2FyqfA4bb1sren1WaRAnKP4zXqTLlFesNe2P5WCajg0JyQ3X7DzS5r5rXfpnT76GuQIYJXqZCoMVlyHflGtpKbT4%2BhzvxIGdlV4PpQA1yzIFeX5nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0acf8f593a4894-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 5407 0
214 B 73ms
73ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5407 70 B
264 B 82ms
81ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Aug 2023 01:33:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
409 B

259ms
85ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 5407 0
214 B 98ms
71ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5407 0
239 B 271ms
79ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=17404
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sync
x.bidswitch.net/ Frame 5407 43 B
146 B 267ms
83ms Image
image/gif 3.124.251.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.251.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-251-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5407
Redirect Chain

https://s.company-target.com/s/rp
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=c4fa06ff-78bc-44d6-9b8e-ec9a881e9446

0
239 B

86ms
86ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=c4fa06ff-78bc-44d6-9b8e-ec9a881e9446
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 03 Aug 2023 01:33:07 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.rubiconproject.com
location: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=c4fa06ff-78bc-44d6-9b8e-ec9a881e9446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5407 0
239 B 346ms
74ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FED1 13 KB
5 KB 77ms
74ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 18678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 20:21:49 GMT
expires: Thu, 01 Aug 2024 20:21:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 10A3 783 B
765 B 85ms
83ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

1a41e0bc29c53a7090d3a85031d456e1cd811e07e185e5b2c358432ae692dbe8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-umaZ495SE3Al_N5XPzxswA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-umaZ495SE3Al_N5XPzxswA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:07 GMT
expires: Thu, 03 Aug 2023 01:33:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7416 0
0 109ms
109ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230731&jk=4358230546520394&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 72FF 0
0 108ms
108ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230731&jk=1398970234671132&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 72BB 13 KB
5 KB 78ms
73ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 18678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 20:21:49 GMT
expires: Thu, 01 Aug 2024 20:21:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A235 783 B
739 B 88ms
82ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

7112e98f589ecdd5c33b43ad1def7678f4d9cc0a977b8491d71ce9a339843f96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bH4vFH7QkcK5AS63p0-knw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-bH4vFH7QkcK5AS63p0-knw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:07 GMT
expires: Thu, 03 Aug 2023 01:33:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 10A3 0
0 109ms
109ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=3433421445597075&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame FED1 37 KB
14 KB 76ms
76ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 72BB 37 KB
14 KB 76ms
76ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A235 0
0 108ms
108ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307310101&jk=71588366882608&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8EAE 0
10 B 73ms
73ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q4t20Q
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7892 0
10 B 73ms
73ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JzSdTw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 64ms
58ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490025-LIS
date: Thu, 03 Aug 2023 01:33:07 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FED1 0
10 B 91ms
90ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WvrVFA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 420ms
133ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=e3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Aug 2023 01:33:07 GMT
cache-control: no-store
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 72BB 0
10 B 73ms
72ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LZU2oA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8719 0
0 111ms
111ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230731&jk=1398970234671132&bg=!8vGl8aXNAAZGOVy5Zjk7ADkAdvg8WpRqPEqi5KmB0FoQ1LxWr9-nbUage62dhCzBl9TqMgSDH8dNni3rP4t9VLtxvW-Il0nd3z0CAAAAzlIAAAAMaAEHCgCiBZww4W4dU0KYp2TWNtZyM8LcbBRa8gmxY9cybEAScOTVNYOjDG32BTyC3Mt2CqVkV1q0rqIjCysOD_SSIklGb4InPfUWpkcSt5mOlZFplqS9pw37ngNr9TsFVt5ATQaO9cDuYEWQjgJoz17EIbfDjMUsDXrzYRYC2hNXXV9tX1uJv3hIsefm8pfu7gfRKQvaDAcw7S3QlQF0KyhYNiwh5c9smQK58vSG4yy8nsSadIqzrld5__lbdFJ5ggzVdorCX9jOQ7qABiST0FYKwDekS9WEbcqmjtzPO-Fvpnb5kySDc01iZZUKUqeMauybKNcrp99YWKfG0aO2oa6hhxkiq6r0U7pyXKtBt0rGbmVx_T3A-ENWdnULdcUeHTVK5E0MX98ebI2gS1xM1HzrA9SjKceplOSsL0C5-umtLpfFjK4jAkBR2ceFvRGs3xzaVrXZkmro5sCeYieSgbOTX2iDClkp-4ijJ4QoVN2E8BbK-rBxYNiS0S1_bZEGp564ABKyQ29rBNjADf8_zCGDqu93csmu9nc39cVpAa27hiTVNrRnuOCXNxiTXcyC8A9HV_RxDAgXsXKj7m07-5yNoZexMf60zRSVoVUAqokNEGb33BHovJ7ss045ZYI3buszq8MyufV3Z4B5o1P1qg1QILMHCZlgCNKMJNCAToQeFN8qXdic9H54dq83GvtRIuX7OsdBiUlUAg99vKGNlKwLetQOuNiJ7cEb5VlgCBZ1iCnnxLb_zLeY4kWnDF7_7DFDzZHcaYkmJMMJVJBLWm0dJOwoYPtT_IiePcfu6z6MQi67pciz1fNpL1O7qmYI1qmSMxuJMORhENRO74UBBn3Ep77eCeDffcgzvpacD2UY8Hfkb6KM4fwDgEN-rUO1kphdGinMMokFeldWKhvfoxwHPcU3slc5TsDSbEkZxabBtEHVVkre8VDylCxe4dozsOlDVk0S6D8Jbg8qwT12VP8KYKkh0TKeZV0sFfP8LT3hJF35O9bNhJDKdMgHtPYm-fMHJP0loanwkeDbupAgdYTM636g7o_AR2xhtzQMr8Xe_sqlzSeASyMh-auvLpVIbf8JB8fI2nveGqSkOt0mPBQTH-DParIWzmmA80ZZGvZIeUZoX9UsD4FtZEyu-WTcai3g0g
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0142 0
0 112ms
111ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230731&jk=4358230546520394&bg=!ycqlyp7NAAZGOVy5Zjk7ADkAdvg8WpEVtV-WaImC6g5DZOYMR6ftiUQd01XdSFtAcHNXFpWPojN50DMp6W2Q2xbCfAmuyIG83pYCAAAA5lIAAAAGaAEHmQLD9FxhI6UIc9g-UJRxXnZvx6xQQ7qEY0MxTkCUh1IkvotKcze8FN98zh_YdbYGMMjgG8nAjPmg7JwG37Lscbqx-6s_JEbXp3I1s-HCnmitQxmq9eYVRUfPZRPiZ5RHSAozgVlsHNoWkOywM2-QSN3wb6UFS4FYQm_ENKCy3aBZOhmbmJELp6mzs6ZmAwt4aJLn-I04LZrq8MHPdZ1OWE1ynuBWIVis54zchReh7DZDiQ_yjWEIQXOOFipErvcE42SBEJfoqRPo_KL-62IHYBEaFI1Ds5FylyvTnoVLEllcqnfbBScaeH3fKeMjcl2YFsN-MwdVwrq1pSDzD6QAWrMdbp7Am1t7Ns9mReL6c45DPh5RTRrs4QP7niIeyADeZEgzMAzFqf1NR7GWlDnwGuMCGxS3cQJCNDDRNCSYRsdpN7K7eyyJTZ1A7DjWExvWYJ7L9uri0E9A7bz-wYIFaUqECKyRbWsRk_AB5yViV9PMXl54o0I3oe8UcJcdMzWtHmOp2q6QuDjoda8qwplPeV-quCUijwbIAvNh-2VaCfCAOWxCCZwYdM73BQfMeMbH-fPPmWPXehKn9qB_dktBIlHetNvEFm2qHj8JuY_bZ7vk1oTG6UphLGQIf5jDtuTvGj8OjjLWlxqinnoCCjwrpnQdU0BvBtC-ifd5wTF4EJlDKNjrYf5X6ixTjdrBk3d-95qNup1GB555Qn2vRWTj77PdbzPRTCiXzUcAc_iBla3DLOvY4lN5dXhuTvUuq6iqSRlJrjumU4SJh2QU9O_riozqqG1-gqHSb-DGhLfltGLA0RJDmAdvRRkiQThY68pwoaKDSqQJ7h9X7PX1wzpSvTX9dgzF83Nd4TeDHVF-2L7PFuoUYHosiRtM_o2aOqCjt5bDrER0GdI3O9iBtcLnAio8V94puy6vDRi_BMGKtitV_K6bAvs
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 5CF1 975 B
750 B 49ms
48ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5045
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyZRWGsJQ9XOiBqxEDN5WJ49UQIf9tRHuxhtrMwgDhZrM5XhWSY%2BfJEWJforlf%2FOTZNkfOmi2bgrTr%2BBgUY0%2BDU%2FAjL0r0yvyfo0zPR3webeKOrD0ai81DLcmFdItFH7PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0acf8c5d494894-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 5CF1 661 B
1 KB 493ms
222ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.32945309703173065&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:08 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 4640971e-5558-326a-81cb-7e12a6cb4e80
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F42 0
0 112ms
111ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=3433421445597075&bg=!wsGlwZXNAAZGOVy5Zjk7ADkAdvg8WpotBfE0PIWPWsGwwrnKQarFHklYS00xmjKYKds4atLsk-FoxKogQIq_9DZaoZdw9kFxL-YCAAAAslIAAAAHaAEHCgCcVQB4ffBaWcg6ROqlEvD7By9jJcj7VC1d0ks7i0ke8BIsEIe0aKHp-fUEGnEV2ZhySbQ2Z5jV-UxGiLtSBgwiLZZ6z9KTRY9XojZEhX5sJHaulScix3ZrGgLv_Wz9zSpTyf0QtibjJKuRipw0J78-PTT1FhYB22l-X0_CQVvlb-rCM3X9dkyRRo0zRY1cvlM8ova_PSTeU2lOt2T4mQK-qcG1-ZxKz972qiMH0g2FTkYgxWFwbEdRJpLWOckB_vqLMeCwOyKOPiOrWSo_wxVg-mli88WeP60B5mKswxUUqJ0qpTu5jHT4XPI6TRQ0gah_c9Ydrr0VOF7flYo-4ZvMSwreeiYFfaIzya8cFWvzaemigaVvh_QXiCI1kJWY7BqzM0a9aBQ38Zi3-qAkIHczTJvj0YMULJAFwEWQ-aFH8kLV5I-b4N33dYICEys5ruyhlfgpGeF_KGCDcOQJPjNnQZfzgeCXjqGW5lcyPp7G5Flda6PCNJLdFna9n8GQlM8Kjhunit4YEMN_3isS0lmiundoTT3MYarGf0ressseuyKo9EKK7r5fWr-O-UfZBG1DB8Fcux0NvKnCepyZAwiCCn4k6gs81PxY5p4BPq-H2Enq1iSYpCBcmIqUgUObDMRQXum1zdXYvwFbq5YH9vBL2GXYuCn5TLPYeVd9JQIiGWjDv9YJKMnqxdgXKR3TejkcMnmgLlSenuyPFyjA0Xcnw8r5wnEZhVCmn4MZhKvaYU_AiafsG5iRjrFl8M8NqUBERAeAUl6_dJkX-uTkmjxQ0RZmuT-W17DkIWTBbrHZw-cTS2sB3nkZ7DeJKVwYtzdA7k6qzHWSR0h37HzbcZQrNxeXIGyrwlz5n48vGcL1q_nn746JlXt5hLVwTRshuWmZ96W91lMiXtKYGSR5KmbAbLYJYk3pSvLSm___ymaPhY5JN9XxPBnK2FhAFQUrB00ukA3zRgSM-rSEwMfXrtknd1bfCjdOcDzUeXVmpMU6ZlsJwssUqvDLZBMUOjuhoAKP8ZwEq_ytGkN3ZsHdXd3bo-EZ4Qv81KgTK8DKYz5Ztjul-PK-CR1N7nYOIUCExsjWPidtSDU66ArFNEoPtm76K-Zi7ZtYeK5YsI5ZilHqiuzt8GdYWAO5CcqXB2eJ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9733 0
0 111ms
111ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307310101&jk=71588366882608&bg=!GBulG0_NAAZGOVy5Zjk7ADkAdvg8Wr-9cg5BWjXdPO2xfYWxklvOxPKe7FN_hpPWUZ1p7KIktgXLFM8oV3kWc0-I4GCaBbG8aUICAAAAplIAAAAIaAEHmQLNHh2JVtIqBI1KCUDEIAAiicietXlRZZiYKIOqDO5t1ose8F8pp21rYQGw6mdd5yaJ5iMP0zJWDURYIh7xlnBHKIRXUQx2mxeeQEjml60IBHaIjNvZ4TGyyjHoIplyPIPkkYxxb4N6hAuXJa7rmPhBEDz96KwVuluJnin2MI12bmdtIxo0UtJ8h-P1Q4SyRITqmQTJ9dKuVCW2rH7r97-D4zqaLF_pj0Gz3ekzH475f9K_9Qo5YmLzTT4BjMrXfkN8amfSA8NlYvabZwlOkWXUb52Wx-EbmXIt_9x-JfmgxU-18GkBxXvfqY8Cw43PKmOg36AREvD79Fo3ST8PTyxNoUaMpMavLIGugMIKDHgULgpvdE7AwD5NfoySehFteMCAH00b-DCLjRxhzBzNIIKSNE2fr7YSjE3VRFxvcJq0UYvZ3I7Kg5h4OpTGyHw5UAemRpHMle7nsxXCcYpM3Owphe6rX8511HUYsRjadIpW4wrOJCPGXynIwv9z3zxhyGCCL_ctexw_Tr2N7KP3C7WtkD3j7QUdSzUxIzYLdb_VwyskOSDRsaMXZf19Yjjv_pziT5cHzB_wbSyQFaK6ACPRQ-73RGN5UZJ1NO9ehVWZuKHzO0a4rufRSjg1ItlrKEoAvAfTZjkYZWYPGadviDCxdSydLRC4cezWIVbg7NJMoj01sygVISnkRDTK1d6pY8loBtLCoF4o-dd2pIGT-HYxnauGwQ7LqStjm8wHB8od8OXm73ltWe7b7DmrZtqXXL8gRnV0pU8g16cSWeN9CavywiluodJhW7MwdQ7jz7a0OVIWTeDIgjGNNrtc210aJfDgPOucE5SyZSC5wAPRREpgPEhrTZfl51q1vqAR6x4lSi7IEkk9gklCaGdlld0uq3VMJqwUZUPCX6mHuTwiSoe5NIjwd9-iQ3iRSsaGQJ-3ycIja2priv1bcdF5DBkM
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
784 B 116ms
115ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691026388074&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1536&pt=-585987862&tz=0&viewable=true&ddast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vA!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 561a5bbef435b3225bcfc01da06de59c4ca0cb94f4f9eb0210b4f6c7c467524b

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 03 Aug 2023 01:33:08 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1407
x-cache: MISS
x-served-by: cache-lis1490045-LIS
pragma: no-cache
server: nginx
x-timer: S1691026388.094302,VS0,VE77
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 424C 80 KB
27 KB 107ms
106ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

503803982c8ce45a58f2a63f06463f34c9477211205372a577d3ad13e08ffd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27704
x-xss-protection: 0
server: cafe
etag: 588 / 19572 / 31076708 / config-hash: 14132395313572441401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:08 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame C172 975 B
747 B 59ms
58ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5046
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfyGktPUSBNoYeo5iqJw51CelhXkt9DwtruTmhAgoS%2BQfC1AtA1a0rU2EU%2BZ5I6G%2BdGZ5t9jSlWZUWVt79thcP8G0IC0rLQzH%2FCQDh77lvi68B4qBoVX5o74ee43vYXhKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0acf8fe9eb4894-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame C172 661 B
1 KB 453ms
168ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.23735273790933986&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:08 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 4640971e-5558-326a-81cb-7e12a6cb4e80
X-Adtype: html
Connection: close
Content-Length: 661

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 86ms
86ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5027&cid=amp-q7vc-ZJ-qKiUjZJr35OKew&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&dr=&dt=%E3%80%8A%E7%BE%8E%E4%BA%BA%E9%AD%9A%E3%80%8B%E7%B5%82%E6%A5%B5%E9%A0%90%E5%91%8A%E6%9B%9D%E5%85%89%EF%BC%81%E3%80%80%E7%BE%85%E5%BF%97%E7%A5%A5%E6%8A%96%E7%AB%A0%E9%AD%9A%E8%85%B3%E6%AF%94%E6%9E%97%E5%85%81%E6%90%B6%E9%8F%A1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1691026386&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=6550&epn.domain_lookup_time=11&epn.tcp_connect_time=566&epn.redirect_time=0&epn.server_response_time=1062&epn.page_download_time=1&epn.content_download_time=1669&epn.dom_interactive_time=1669
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 75ms
74ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E3%80%8A%E7%BE%8E%E4%BA%BA%E9%AD%9A%E3%80%8B%E7%B5%82%E6%A5%B5%E9%A0%90%E5%91%8A%E6%9B%9D%E5%85%89%EF%BC%81%E3%80%80%E7%BE%85%E5%BF%97%E7%A5%A5%E6%8A%96%E7%AB%A0%E9%AD%9A%E8%85%B3%E6%AF%94%E6%9E%97%E5%85%81%E6%90%B6%E9%8F%A1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-q7vc-ZJ-qKiUjZJr35OKew&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=6550&dns=11&tcp=566&rrt=0&srt=1062&pdt=1&clt=1669&dit=1669&a=5027&z=0.6888797001385092&gtm=45De1110&t=timing

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 23:46:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6421
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ Frame 424C 398 KB
126 KB 76ms
76ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 10:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53789
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Aug 2024 10:36:39 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 424C 27 KB
12 KB 222ms
222ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2618816578882473&correlator=1658689021920722&eid=31076708&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1691026388679&lmt=1691026388&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=yw2i3az7ps8m&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=348496662.1691026389&ga_sid=1691026389&ga_hid=1833610905&ga_fc=false&dlt=1691026387877&idt=778

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

25d317efee5f5cf492af36e71198bf4d5f24b767ffa0ea5e18ff0755ac656328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12041
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 424C 15 KB
11 KB 88ms
87ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e56824d82517f20b50a53780f4f13b41be041ee9a5a8027ffc00c1756ee3f043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11653
x-xss-protection: 0

GET
H2 200 container.html Show response
f36b0ea1c4ee3543d1c9f3f5063a7e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D5C 6 KB
3 KB 101ms
86ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f36b0ea1c4ee3543d1c9f3f5063a7e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:08 GMT
expires: Fri, 02 Aug 2024 01:33:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 424C 17 KB
6 KB 93ms
93ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 01:33:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D5F6 13 KB
5 KB 74ms
73ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 18679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 20:21:49 GMT
expires: Thu, 01 Aug 2024 20:21:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1727 783 B
536 B 84ms
84ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

949ad5326fa8d3792d6e08e32b1070fa84e124189639fe17882a7b1c87f67b15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jSV1NOSOwgqqzXRxUGrOAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-jSV1NOSOwgqqzXRxUGrOAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:08 GMT
expires: Thu, 03 Aug 2023 01:33:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0363 0
0 113ms
112ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTFoKfP0O7IvU4P9qhTRdwdW3P5BNoulQUwJ-DAGWLQVgPEHp8M1RxwXvj8NB4MGZbi1LTvGl4LmU9W3XlnrPVJpyGuDGy-hn8I4_4K9u4cE7vO-8Ak1aznbh-B-lt2E8uAzHR23Xebcc3WMiKULzp7LpTVXydFFq04vMVJWcfJmB_zqO6WKKErKk8WuzGZufw0sZDfzGWvNRLHu04OVP4XvBpvJCTcvjWM7PyNzLS0G6SPjk3srGTPChVi_Xx34W4Qg0ZzsFn_7QFtwhezFn2UXGm3K3HKOCY4TZCNt4NorEwbVhYJHW3ILHmNu7QYngfPugtjwxbkSS-&sai=AMfl-YSYen1sdh0hpTEJp7F3l4xwpWXW63_EnT6iekuhzmWL4YeO7yrC7lU4gwMCb3ty1Fs6ZZPtAtezkY8sq6_5bOhlutYSfeBsVnGJyg&sig=Cg0ArKJSzHKMCKNsNsp0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 0363 31 KB
10 KB 49ms
48ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 16:36:44 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 32184
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 03 Aug 2023 16:36:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0363 179 KB
56 KB 100ms
84ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:08 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E360 80 KB
27 KB 94ms
94ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ac175a8c3e5f4da902397a92b31f957394c4add3bdfd1672e33b9b3a871fd5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27703
x-xss-protection: 0
server: cafe
etag: 450 / 19572 / 31076660 / config-hash: 14132395313572441401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:08 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame D5F6 37 KB
14 KB 76ms
75ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1727 0
0 108ms
108ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=2618816578882473&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ Frame E360 398 KB
126 KB 75ms
75ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 13:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42902
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Aug 2024 13:38:07 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 0363 80 KB
30 KB 238ms
79ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MHP0KH7WNV7SQGPX
age: 501
x-amz-server-side-encryption: AES256
x-amz-id-2: QI87fjCam3aWPM7rNAZhqYyamC1c/VQ8bpkj8kCW7KQkJ1IbN1ELsmd7HG3XeyrWSbgciTn8s69tDOHvHuKZxg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 0363 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4b19578bf0b1848effb5ad2bf973e09371af0744e25dec9b53ac084b82d9f76

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D5F6 0
10 B 73ms
73ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6d_ujg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E360 27 KB
12 KB 169ms
169ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=523828522419622&correlator=1089282272307819&eid=31076398%2C31076660&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1691026389198&lmt=1691026389&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=s8kv3ubl2dc2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1248020530.1691026389&ga_sid=1691026389&ga_hid=1815117451&ga_fc=false&dlt=1691026388448&idt=738

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d7285e0872aa01a490b731b251a846c5adca149900ce3c5dbb28a6744c0493ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12028
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E360 15 KB
12 KB 86ms
86ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4b0b773422f11c4faceb80905f56e5278797adab462253f000bca3aa0a9f24d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11785
x-xss-protection: 0

GET
H2 200 container.html Show response
5ac32c5719974dfdbf6d5b45e800c0d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A55 6 KB
3 KB 101ms
86ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5ac32c5719974dfdbf6d5b45e800c0d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:09 GMT
expires: Fri, 02 Aug 2024 01:33:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E360 17 KB
6 KB 83ms
83ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 01:33:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3B5 0
0 112ms
112ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwG5JXOBYvq0B-5vUcxSYHUH5_RFznzT8mjFALAkj65bevvM1yiWkbTh1o-rUnVn1WKTQTCqyUXDVUoeBuzepjiqgmKP-YUx5ubC85nLkgHNgQ7Dfrytoe-9HfWz80e6RXkXWh97tFdFk2Yl_KytpE0-TNjGdTjey-zp2Ac7o4wSa22RO40YhvUSDuQldgIumpP9p3jxI-Eof3YBQ_H6T64sqacow60kDg5jj0trCgvPS8TV0cnrWCsQwXFgbyISHqFIWJK9kn2Ay_usGc410F5e4GeAtu3Qt8Qu2dfEMN_idNaGGGV86QXgguVt1hnqWiUkw895_04z7_&sai=AMfl-YTqk5GPlXQH783zKzJoxzGE0aOYgwu1jZ1YWn3ueTJr0bF6BUw-5NPezCRNcq_EiQlbnmjxm_BA0zVDJFcKx39SK8Nc5RGYQkwFbg&sig=Cg0ArKJSzBsw2CTPdVrFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame E3B5 31 KB
10 KB 49ms
49ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:00:20 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 27169
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 03 Aug 2023 18:00:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3B5 179 KB
56 KB 91ms
90ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EDF1 13 KB
5 KB 74ms
73ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 18680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 20:21:49 GMT
expires: Thu, 01 Aug 2024 20:21:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F3B0 783 B
535 B 84ms
84ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

869194b2a939e0390690f9a5597b53d3283b0b1f29b56c52db698366166075c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LriCYzESVdcJDfEDf6-7Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LriCYzESVdcJDfEDf6-7Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:09 GMT
expires: Thu, 03 Aug 2023 01:33:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 0363 290 B
614 B 273ms
95ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 03 Aug 2023 01:33:09 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 13
x-xss-protection: 1; mode=block
x-request-id: 978746c8-2652-4fa1-8284-2772e6563af6

GET
H2 200 b
geo.yahoo.com/ Frame 0363 43 B
366 B 255ms
82ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:09 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame EDF1 37 KB
14 KB 76ms
73ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F3B0 0
0 108ms
108ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=523828522419622&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame E3B5 80 KB
30 KB 79ms
79ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MHP0KH7WNV7SQGPX
age: 501
x-amz-server-side-encryption: AES256
x-amz-id-2: QI87fjCam3aWPM7rNAZhqYyamC1c/VQ8bpkj8kCW7KQkJ1IbN1ELsmd7HG3XeyrWSbgciTn8s69tDOHvHuKZxg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame E3B5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ee956e29c698a19b60afe8baa6b2aa2aad5ea5f99491d3f97d3e57c883ddd55

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 b
geo.yahoo.com/ Frame E3B5 43 B
96 B 82ms
82ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:09 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame E3B5 290 B
357 B 95ms
95ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 03 Aug 2023 01:33:09 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: b4b3283a-b00c-4d5e-8a62-9d77e0a0f4c8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EDF1 0
10 B 73ms
73ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2Sr0cA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 0363
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

54ms
54ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5048
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeafiayEITZpcvoCs5oZu7nhXQYZ7iVNDXsVbWZMj%2FDeHwED%2FJgd0fpr%2BYwCHUgW1P1vuKDTM8noR2P%2FoE0SSf%2FC1n2uJqkBr4WU5yy3aY%2FNFEkiymPSQVSgq9WeRbOM2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0acf988d8d4894-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 424C 0
0 113ms
112ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=2618816578882473&bg=!9Pel96PNAAZGOVy5Zjk7ADkAdvg8WootiVbeWpGe9ACCZ1Zv4Yugz2hwB68Ia5Z7MSBGkdULrg_z3qENDv0Z_WION7R0AXRRJaACAAAAhFIAAAAGaAEHmQL8uXUvyTc_D8ExNKW8irZMdxE81RqV8aqsBZSVnZAcctcxQFsxk3Z-aenq1HqzeYnnRBdr7fe2L-uu5aXhg_5m-QkuYt3qv8ba0QSQvxijXF8H1HcuQd_bp48m22fmPh1MrFMeGS7IvyyiEPpDU4G85olgU_kJY-sWhNW8PhBg50VTXyNe73mrraKahS-HuNdmK32h_fXn1-rA7UxtPvrs0LbAimFppyV0W3fqIyEaPz51HSWseCzat0gUsK1-5Rf3nVArH7YrbZQyYxwMrhsQw2N4L5kNnXiRlFK-uaZ3UHOuiuBoBVaEy8wUJtch0-WviUptUd2KxmNFabadB6hK4HnM2usGD4m40G_8p60QEDTv-eZYIz05hGpAGZ9FDo_vA5cIxbzWysVjxVsaxqFNAjZmYbmtLGg0BBqiUdZMgxEqscdt1cIzOG6uXTbtLSvhIrrnalPjjMlY8Ejr0KwTOQpa3LiKw9mgyqOYtNAywC8BtT1GvskYZKWQ_wCZwxhvSQVha87BAHtnhwoWuuvqTQcn9i4xM2Cc6zJEGRy2iAvkNGAZ_x0qUuxkrc_sNThsqDXV1OIq1hZ7R_Qd0rTgp73qWtj-MiOKl_uYZgxTk8fkLlh0v3blIOGZGEGX-eEAjSceGRf6yr3TivFcP6_HInA2dJzUSRdbqjWrEr2vZxDxV6XG3aI69bJjatxB9Ry3VfvnebWm3YmmGqtvBSNy0DxkU_XVrorPC6HhNmKZthvnLEzrwvlJLX1lJHcFYIRZFG1OoZFeAxuB_qjGwohdN98ghzThe5C0PA2knHSkL26aS_kT1SEaJHMENmxmZ2X2z8xLm9mJ6uI0OW8wkjWvuNqgx1h4YgiQ8XKie9iyGZ4Gp7vuMfz-WeCA9ExzIvxDkP2QsL7m6riTpQQALEUwz8vsfFZL-Z3Uk4xKNBExtay9KrO1zUXnTGudW-oLQ6RnCVAMa1Tb3Glz7cHUL9U1P9DJuU6OLQ7qLapYuOwfTAdqdclKniosL_gZuho
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame E3B5
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

49ms
48ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5049
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9%2BVQz9awpC%2BDFxHXK7uDfGB16NDETM1s0FRi1V%2B%2BiEZIgnIJgFB55s6tK76rXykHZk9qFmnErxp2fyYwrgh6%2ByCaBq3IYkMjvklOVN7ITyvR69YtHz9dAruImqsZZcf%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0acf9a6fef4894-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 0363 975 B
745 B 49ms
49ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5047
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9L7PYpLXhL207u%2FQuERAGqcqLXx5ZN8a%2Fz0vuo02aMrmfsk%2Bg0fMJQuWK8cxV7l0iGecOrP6Tg6HElGp9ORYX2AhOpFalkG4KU9scWg654EB3z0wTY6V7cMtkAlAi61zXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0acf98ee0c4894-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 0363 638 B
1 KB 504ms
221ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.3725206348211876&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:10 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 4640971e-5558-326a-81cb-7e12a6cb4e80
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0363 0
0 308ms
145ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH1vXClhX9FwGGGPd4lfSVwLGmUe6RzxSYBJO24_B4ufE_bTeZgXFeYNsSZIsFTYyWVX_Hhx34J3q1RhGakRIxwdBUafvE5NyFYn6-6Cw2QaAVmcw56akx61qesBrWEN-Ho3EJXLZk17Mgq4Kj47bdNeTsstXpSil745pfHL-tbbP3vYjOUeGN8hRSGIfinOcbqFPPmEfHWmUV3aQ_mZzVHtT3d6oZSaqMYUTUURqK9M8UzjcRiwxY3ePQD17r-RhalxPYt0OPvlrzVbY9vWPxBL3vGXgFsZysf_EW0M0Rqryb3LbOUb0qUeJYx36LJorSnJFmq5vy_5IkVLs&sai=AMfl-YQWOrFYYQybX_o1SQVVQZ2n3NNB1iBr77dePETbzsMgCyFd45hsrjAAJZHul12YeTW98Qv2VBFXjW_-IayS541HDQnYVKdUUNeo1g&sig=Cg0ArKJSzAa-XFRGvLp4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Aug 2023 01:33:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E360 0
0 115ms
114ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=523828522419622&bg=!-vml-a3NAAZGOVy5Zjk7ADkAdvg8Wrc__nWVL7Q8qKUdr0v1enQ1ItKZ2LS1aM4q7bUaAEZumNZ176nci2OBCmTOFOB4sxaGA2ACAAAAVlIAAAAIaAEHmQL5evWfPb_j3_cw5QlNBZ_lpYbzCjo4j3Tp2c6FMGIcQN13aNgQ1F1ppM77fCVNRUvrcwI_Xj7kzY_i8uc_owRIylD64Kakbo5_p9XzvDJWOLl8dkzsiCTzYtQoAilAcEPwfbkgG00VN585bNDaAUUO4CwbUt0_I0PlF9uBNumLy7QvTmG5FfvCv4rm5jw72I2uUHn_GybAq0ldkFHA2byH1rlh_94tbkE2BGGI29S2HxvXJrdgJKrR9GoxTHLLtJD_eC_UKyP7hmgvzT8XPEz_du2w41Vlg21JmKvnvsHKSal_VDMPiN1aTn8D10g7nsrucXJoKtG7XPU3c7ZMORCpXRk99pz5xmdULLx-NF8RA3O2Ke6Z8BjkNgDxnRCb2iyLzdmMEVGez9LDGSwsn9t0I3tckPK7zk_ziqzD2ZxSx-VBkYeOYNmYwKX0BiIhy5i9wWp7UmPeErxFydXUG6kmqrPFniIFKrzEqMG_SQ17k2nMC8zCxCwnnWPUUuIYjDUpaweW7Qrs1ehg_cLXjl9DPKTxdyL2E6gBczVUOjU2F6H1im3yzMw1nZcp-_x-aTckz2QTGFhAMj-Q0oQ3qp1CvTK73VKfZuPKMLHYIqak73_UYh713tzmKHUKX0iv32QfGK_Jpml-Hnbuz1DOeMDA8I77eQ9tCpd1cwYSSsTYQKNwRNIFEiyjgN3vk7BAA1z0PAxHYcuaIUD0KINmTvd0JaNBZqBNzmT3OV9OTp72uKabGHbsl56UOHjFW57MaOdgIXqYyxVW35wkIoTQOjE70aWa9QBUCMX2yzc5GErREA1LrMG2jlgn0VFhDQEDCZMbmLwfN9QUlBTGH0P_333lmD5VsfsTltpDnB_jOYyfmelPNfAwEWZBK-8DjxvttFB2fCrRTsXWmn7rKYn6NvsMLMECwjkMqS_eHyF1NGYJqqsZgcAWY5V_I3Ym-ronxsiyNFGUUSbGBVFmNAq_k5s8vi3qAzZzV5KKUasrETY21sJfIcl_ne7ciFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame E3B5 975 B
746 B 47ms
47ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5048
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJM382bAzJqbkAYKWyjJvnW8efPXPrpwihWRas%2BLmu5SekUOrfMzZwrr%2Bswn%2BJSrIcVKZ56zHItYghQkwe21olOYocMwSoKZCvLBMtB3iae8r679iiBUMkelowCoIdyciQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0acf9ac8414894-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame E3B5 638 B
1 KB 454ms
170ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.0736843743011244&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 01:33:10 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 4640971e-5558-326a-81cb-7e12a6cb4e80
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3B5 0
0 113ms
112ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc5GAmtZ_KUSIZvJBV1hMOiB2Ds7XeX61cvByQn1RWoBgEsWJ63yji366Lcsc4ZQzxo2NzJF05T12ZInljSZpYrxBGChkROWXJX7QxeU1iAC0MZHxMMX_VbihZDa6ullSzSOUdc2oi0KqawrlWtQW9AfPd94jr2pwUMESEYKYGUIR3faRcEb823b57ko1MeiJl69gHmHPiMSc0IELKVQrNdUiKZYf9vyxzdWvpIaSnh5F0kELKHUxlwEbeQItwY3_bjDWyufk1duqM39vgS1Othwteh8YV95Hkuc-puhz36_FUxnWDklVBr-pYBKEmc1Q-BkDabywWL1EZ50Q&sai=AMfl-YS3jvniGZtr7qckSKoAj7T_4HYe31V9bAvw6zQvP3qYAg0ahoxoxNXemEQoJtTbvc3btYeQeyWH4U4zTrdE6Zf-M7AXDs6r_aCPjg&sig=Cg0ArKJSzM9S3KfjnulkEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Aug 2023 01:33:10 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CB59 143 KB
49 KB 92ms
92ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

167e6d125f23e55ec6548e3de1daf4191cc0ca8396f6306079d711750284c792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50467
x-xss-protection: 0
server: cafe
etag: 6524741782460753839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:10 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ Frame CB59 371 KB
125 KB 110ms
110ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js?bust=31076700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d78ff10d283669855ed14a9d72329c2458d41bd06e97eca04a16f49a0bf58ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128109
x-xss-protection: 0
server: cafe
etag: 610137413428854240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/ Frame 95AD 10 KB
5 KB 75ms
74ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 85553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 01:47:17 GMT
etag: 12368291122986407432
expires: Wed, 16 Aug 2023 01:47:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0AA5 143 KB
49 KB 89ms
89ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6f9b371d31faa2bbdc595f3e9039ccd329c12056b564d1462e248e22d0404930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50494
x-xss-protection: 0
server: cafe
etag: 3549678258697767608
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:10 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A67 603 B
113 B 99ms
99ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=1470507226&lmt=1691026390&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390579&bpp=3&bdt=695&idt=142&shv=r20230731&mjsv=m202308010102&ptt=9&saldr=aa&nras=1&correlator=5148572287163&frm=8&ife=4&pv=2&ga_vid=2011260411.1691026391&ga_sid=1691026391&ga_hid=1277823739&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3940415668&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C31076510%2C31076511%2C31076687%2C31076700%2C44788441&oid=2&pvsid=2567108539035815&tmod=491473432&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.eeasvcqt96xk&fsb=1&dtd=162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js?bust=31076700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CB59 15 KB
11 KB 88ms
87ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230731&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js?bust=31076700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d82f4cc6d905f546b52964d6f208a5c66fecada2b98ceebf6c6304e04cf99afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11680
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52CA 603 B
113 B 101ms
101ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=2272724308&pi=t.ma~as.9099904862&w=300&lmt=1691026390&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390579&bpp=2&bdt=695&idt=150&shv=r20230731&mjsv=m202308010102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5148572287163&frm=8&ife=4&pv=1&ga_vid=2011260411.1691026391&ga_sid=1691026391&ga_hid=1277823739&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3940415668&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C31076510%2C31076511%2C31076687%2C31076700%2C44788441&oid=2&pvsid=2567108539035815&tmod=491473432&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b44f8grop5hi&fsb=1&dtd=169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js?bust=31076700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/ Frame 0AA5 367 KB
125 KB 119ms
119ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1f020424ecff1a1913024a44d7a474cc5efb78a29481f167e6647bccc56d9479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127871
x-xss-protection: 0
server: cafe
etag: 10268203780354522632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 01:33:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CB59 17 KB
6 KB 97ms
96ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js?bust=31076700

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 01:33:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0363 42 B
64 B 111ms
111ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfYwu7iDJC-bMM_WKBgNJgq_J_layA3r3ttLOOeQAg9nTPpRQWE45jvrL9C7R2QOGgE8tRXpTQAWjsGRlIZLqU4uXbfUx0wKo2CIQdfD651dGwNR-O&sig=Cg0ArKJSzEKKhBIyeC01EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1911528252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691026388920&rpt=1014&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02E7 13 KB
5 KB 74ms
73ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 18681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 20:21:49 GMT
expires: Thu, 01 Aug 2024 20:21:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5D6 783 B
534 B 84ms
84ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

e74e86a514eb129ff57912cb4b08dfccaefa4afd014feeb764504f421b0703a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ehN98uIxbll3cWgYxn-Mzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ehN98uIxbll3cWgYxn-Mzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:10 GMT
expires: Thu, 03 Aug 2023 01:33:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A26 603 B
66 B 135ms
134ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1691026390&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390804&bpp=4&bdt=620&idt=163&shv=r20230731&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=5349190888647&frm=8&ife=4&pv=2&ga_vid=935830413.1691026391&ga_sid=1691026391&ga_hid=1439406150&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3579293590&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076510%2C31076733%2C31076448%2C31076693%2C44788441&oid=2&pvsid=839725920084735&tmod=256106718&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.bvh60kbd3myb&fsb=1&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0AA5 15 KB
11 KB 90ms
90ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230731&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

87978845c9403539d099367376d875cf5f65c0f389cf75951d80a4ff8f1566ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11571
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BF0 603 B
66 B 131ms
131ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1691026390&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390804&bpp=2&bdt=620&idt=171&shv=r20230731&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5349190888647&frm=8&ife=4&pv=1&ga_vid=935830413.1691026391&ga_sid=1691026391&ga_hid=1439406150&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3579293590&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076510%2C31076733%2C31076448%2C31076693%2C44788441&oid=2&pvsid=839725920084735&tmod=256106718&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rwpa5nsj9p28&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 02E7 37 KB
14 KB 76ms
76ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5D6 0
0 109ms
108ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230731&jk=2567108539035815&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AA5 17 KB
6 KB 94ms
93ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_fy2021.js?bust=31076693

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 01:33:11 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
799 B 119ms
109ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691026391167&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1536&pt=-585987862&tz=0&viewable=true&ddast=V8brkCLAZgEk94lz0OxBPAJJ7wLnsciC8AAABgYID-AMk4ZrbFxuNZC5a7xVo0Gc7cypXHs1aZXKvNzGUaLDbLISAZx8y22Hg8a8Fyt1iLJsOZW7nyeNYqk2u1mblMg8VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8apfTLXnZ3crXW3r0231uqdOtfL11Dr9b8HrrXA-7zy12_d3So9MtfDrsPrfI73pLjw67z618vaVOh98tcbrFTrtb-bq7FU-H3eeWOu0-u9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAKscHuL1MruuB5HLIHE4jX9_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGgIR9zyvginriqRAuEijAAAAABs6cOvHJmkE1Qsqvz___dbAbgCABCQmGtgvpdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCGwAAaYIpotjV_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QWDh3g-HGt3JNbKblYDLYDEYW226ym1k2K9Nktj3nJUk7HoFnaX02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgyjNxjhYem1u1GbncotFishZulgu3yLixbSbGxcK1cq1Fr4_p4jENl6vBFgkG7O1F8rRIJ4LNaLXxeAwby8JlsxlnxtVq4ZyZjMORZ7BbLBYWsURzskgnssu-sHDuBsONb-Wa2EzLwWSwGYwstt1kN7NsVqbJbN_yTJyjhcfmVm1GLrdotJishZvlwi0ybmybiXGxcK1ca9HrY7p4TMPlarBvzJaLwWS2GY72jdlyMZjMNsPRvkNn-K4-Z6OyrJJ8dDKZbVxa3JwGhctg8T6_F2loZ7QZfZqvxGLaqG8liVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_GqX0y152d3K11t69Nt9bqnTrXy9dQ6_W_B661wPu88tdv3d0qPTLXw67D63yO96S48Ou8-tfL2lToffLXG6xU67W_m6uxVPh93nljrtPrvQ9DZbxBLB6SKdiF7G00X9Rw25mEtWg7lkNJiLNqsEAAAAAAAAAGAJppluAgAAAOBkUMPNcLFap4OZzCaD3Wq5AC6CsnQBgwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO22WcEsVarZQ0AAEAAGwAAQAA33XgTiMXE_f___48DAAAgI4ceAAAA_T6gLAAAAAAAAH4DrRrsH4AKsVar1e3GWq1WQIOYbXaT2QT-____Aw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vA!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: dc8e1425fe0fc94486b6244aba1ae560e580fa020509517d5e8d9438609192f2

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:11 GMT
content-encoding: gzip
server: nginx
machineid: 1407
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 13B4 13 KB
5 KB 78ms
73ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 18682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 20:21:49 GMT
expires: Thu, 01 Aug 2024 20:21:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 57B9 783 B
536 B 86ms
84ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

a03d848108834b8de55b7643945c5286960f72456a90b13bb34c25aaaa2f92aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UHLxOJ8Ltxs_pQ_RKF3p9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-UHLxOJ8Ltxs_pQ_RKF3p9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 01:33:11 GMT
expires: Thu, 03 Aug 2023 01:33:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 02E7 0
10 B 73ms
73ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HleCig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 57B9 0
0 109ms
108ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230731&jk=839725920084735&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 13B4 37 KB
14 KB 76ms
76ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 20:18:48 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 13B4 0
10 B 73ms
73ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tkEm9w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 01:33:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 82ms
82ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37v0&_p=5027&cid=1611244418.1691026387&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1691026386&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-ren-yu-zhong-ji-yu-gao-pu-guang-luo-zhi-xiang-dou-zhang-yu-jiao-bi-lin-yun-qiang-jing.html&dt=%E3%80%8A%E7%BE%8E%E4%BA%BA%E9%AD%9A%E3%80%8B%E7%B5%82%E6%A5%B5%E9%A0%90%E5%91%8A%E6%9B%9D%E5%85%89%EF%BC%81%E3%80%80%E7%BE%85%E5%BF%97%E7%A5%A5%E6%8A%96%E7%AB%A0%E9%AD%9A%E8%85%B3%E6%AF%94%E6%9E%97%E5%85%81%E6%90%B6%E9%8F%A1%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 01:33:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CB59 0
0 112ms
112ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230731&jk=2567108539035815&bg=!kpGlkcXNAAZGOVy5Zjk7ADkAdvg8WnTbvVLVJmOW7MCp2-LNEzpAoJpuRHksnJ_01Qaec-fbB9eeIbhqtl-OFDL-ADL3QpVfXwkCAAAAf1IAAAAHaAEHCgAcANAUWotCJx55pVf3lhVEcPo-K8mqYesaR-Jod5kDJreFRal4dG42eqZOh8kK6jXIjLl5BJ24hEeYPX6vatrNKqsrRu_f5uh7bUNwcEwv8PT4FjdxKw7FIjF8VG55vcPJsp1TcQvdp3uLYjy3B2KgbesOdVYJKHpny8b4ePhbmGwRR9V5lufWGcAmDieW7acy_mazeDiJAkM_EgzPAHxq6uj10k3cXlhwwJuURk7dnzX955MH3TG0aQY9fO9UizjkXJAGWJfy8O6VEhKjLJ62QHYjAg6ypRRaBWKmIZZ1EMNZd98j6isg7gdrxlc41-pSHYDVP2ZLCW2SNwsCMtT4Scm7dThxO-a1cCV3VZnhM3ERJTH9g9la4yK30yWrKsAYJDlVEV1Chu-YkYAlBwLBIvhV8dgi9JM2l0plarZnB7g-9pGbmYQVP_k_2xQhbQLFVB8QgzmpcJ1SAm7I5HcZiJ2z96OJsmb-Dl5hKpIO4WT2ugwTnoUlc__KWNwJ6d-WNH3mXTpWXfuva3Q3R60ThDTsLUYPsdWAEInwhDanD70-ZNdTqSlV4ExwR_sKd1B2FF5AqHYh4c1dzQ-Edli83i9HrNYU6lT3R2LNe3mZ-t1AcArRAG4hA-FQZzq9wE7VmQ5y24LwDVDpv4cyHNSUfnu-T7FjkutuPCkFPWzsYV7vTiW-IOfb_-nojTkbYMWuYsnrvxKiYEnyLmK3Fn_kssqTeufkyECYOFyUjsL6TLaY061akvgeCRtP9BqP9Dr5AbUk2q-KtdumBZA_0teJ43Q3iimOHnpAOvz1sX5H6ToORRjqkzKXuxJ2idxEaXL3qG6ehbyGfS2tu_IqXoqSbIBxPxOwNIjxs_dagQiDRPxi_hTy9-Wj1k-BSvEa9GvG6okqiGSvdR_xc3zY9YWouGB9aRStRQzbNzWPxB0Wx9sOjkgY6xOXnXWNXYnftdjbViWpW7pBj5mR6ZAdpaZvzTxlgvhkWn-wOjwZ6vKqYQW5LQVitkyXWugn-RjnYfKKX3ulNPvp-fhqkW2zrX2Fw-cSHP96E9eUIt9ubDffoZt-Wfob-hV4dsix04FT19xku8tweUpgx9xclp2IqKo3tgTiG51t
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c551ea16aaf509fee6d1a76cd1775f0d.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/d6286253c0c3cd0698be1eefd816f697.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/4c97bbc4dbd215a5be14f5e0e14fbbbe.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/0171372aec62c33b35e6a6e435e74b53.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/068840923bff05c660b1cca4ef198a70.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/d8598427ae65404b15fd2dc290a0de5e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/54af48081daf213b9c79f57917e63b9a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/d2de8889fe086b99f2ab96e0b3aae07a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/97f36ac916548a93f30ca1ff42756527.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/d1122fbf1bf9fb3b717a56ff917d98ac.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/3aeb6781d2b977781894fde482af1229.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/42c499e3338770565a54ce77a437e716.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/67cc44b7654093b3b15c78fb1340bb9f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/d50f98103d11185fa4d06e5cd25b6ec7.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/b489f1799fe0e69eab212affd8f812d8.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8692b7c910b6e4a622612dd189259743.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8ba165abaff927020f315d99a98a4551.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/07ae5f15684617fab5f7ccb68c1c34ab.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2f2dcc1fef8e7bc91ca6a5d20dc2f69f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/e1bbc87800ebcf383281fea860ed9986.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/6207e745a154ad679b39a489ab3f0372.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/10eb172e99ff5cda92c5b1075b557e62.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202104/baf64a2d9d5a33edd9885f859f5c754b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/c5111c0d7241d2dfa91249f00fe92919.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/901313a0a8a5bb30790cae8388958206.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e76d398038713e683d909f92c5537cb0.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/08c949c5795efb58265b5409a3891ffa.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 22:29:22	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3De3b94acf-53de-4412-839a-d8c63b81a5e5-tuctbc48950
.aralego.com/	1970-01-20 22:29:22	Name: sspid Value: 4640971e-5558-326a-81cb-7e12a6cb4e80
.aralego.com/	1970-01-20 22:29:22	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:29:22	Name: gdpr Value: 1
.quantserve.com/	1970-01-20 23:14:00	Name: mc Value: 64cb03d1-dfc1c-39f4d-0d99a
.bg3.co/	1970-01-20 23:08:15	Name: __qca Value: P0-1724591069-1691026385079
.www.bg3.co/	1970-01-20 14:26:58	Name: _im_vid Value: 01H6WGDV3HKM1DVENSHYBDQFDD
.bg3.co/	1970-01-20 23:05:22	Name: __gads Value: ID=d81c0e783551cc51-22e765bcb9e700f6:T=1691026386:RT=1691026386:S=ALNI_Madkh5mcdpF6fSvL67pA5lFUtMl-g
.bg3.co/	1970-01-20 23:05:22	Name: __gpi Value: UID=00000c4b4e4a2df9:T=1691026386:RT=1691026386:S=ALNI_MYKN91TociN6jcVmoUDF4rED_22iA
.bg3.co/	1970-01-20 23:19:46	Name: _ga Value: GA1.1.1611244418.1691026387
.bg3.co/	1970-01-20 23:19:46	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1691026386.1.0.1691026386.0.0.0
.doubleclick.net/	1970-01-20 23:19:46	Name: IDE Value: AHWqTUmyZXGPHeTLJo7kz1yhjDQfCmeFJ-0E1dI2DzaXn8om4UVPD56_xeyHmwXWPIA
.company-target.com/	1970-01-20 23:19:46	Name: tuuid Value: c4fa06ff-78bc-44d6-9b8e-ec9a881e9446
.company-target.com/	1970-01-20 23:19:46	Name: tuuid_lu Value: 1691026387\|rp:0

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/c551ea16aaf509fee6d1a76cd1775f0d.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/d2de8889fe086b99f2ab96e0b3aae07a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/0171372aec62c33b35e6a6e435e74b53.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/d6286253c0c3cd0698be1eefd816f697.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/54af48081daf213b9c79f57917e63b9a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/068840923bff05c660b1cca4ef198a70.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/97f36ac916548a93f30ca1ff42756527.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/4c97bbc4dbd215a5be14f5e0e14fbbbe.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/d8598427ae65404b15fd2dc290a0de5e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/3aeb6781d2b977781894fde482af1229.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/d1122fbf1bf9fb3b717a56ff917d98ac.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/42c499e3338770565a54ce77a437e716.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/d50f98103d11185fa4d06e5cd25b6ec7.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/b489f1799fe0e69eab212affd8f812d8.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8ba165abaff927020f315d99a98a4551.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/67cc44b7654093b3b15c78fb1340bb9f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202104/baf64a2d9d5a33edd9885f859f5c754b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/07ae5f15684617fab5f7ccb68c1c34ab.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/10eb172e99ff5cda92c5b1075b557e62.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2f2dcc1fef8e7bc91ca6a5d20dc2f69f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/901313a0a8a5bb30790cae8388958206.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/c5111c0d7241d2dfa91249f00fe92919.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8692b7c910b6e4a622612dd189259743.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/e1bbc87800ebcf383281fea860ed9986.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/6207e745a154ad679b39a489ab3f0372.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e76d398038713e683d909f92c5537cb0.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/08c949c5795efb58265b5409a3891ffa.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvbWVpLXJlbi15dS16aG9uZy1qaS15dS1nYW8tcHUtZ3VhbmctbHVvLXpoaS14aWFuZy1kb3UtemhhbmcteXUtamlhby1iaS1saW4teXVuLXFpYW5nLWppbmcuaHRtbA==.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=1470507226&lmt=1691026390&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390579&bpp=3&bdt=695&idt=142&shv=r20230731&mjsv=m202308010102&ptt=9&saldr=aa&nras=1&correlator=5148572287163&frm=8&ife=4&pv=2&ga_vid=2011260411.1691026391&ga_sid=1691026391&ga_hid=1277823739&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3940415668&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C31076510%2C31076511%2C31076687%2C31076700%2C44788441&oid=2&pvsid=2567108539035815&tmod=491473432&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.eeasvcqt96xk&fsb=1&dtd=162 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=2272724308&pi=t.ma~as.9099904862&w=300&lmt=1691026390&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390579&bpp=2&bdt=695&idt=150&shv=r20230731&mjsv=m202308010102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5148572287163&frm=8&ife=4&pv=1&ga_vid=2011260411.1691026391&ga_sid=1691026391&ga_hid=1277823739&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3940415668&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759876%2C44759927%2C31076510%2C31076511%2C31076687%2C31076700%2C44788441&oid=2&pvsid=2567108539035815&tmod=491473432&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b44f8grop5hi&fsb=1&dtd=169 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1691026390&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390804&bpp=4&bdt=620&idt=163&shv=r20230731&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=5349190888647&frm=8&ife=4&pv=2&ga_vid=935830413.1691026391&ga_sid=1691026391&ga_hid=1439406150&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3579293590&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076510%2C31076733%2C31076448%2C31076693%2C44788441&oid=2&pvsid=839725920084735&tmod=256106718&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.bvh60kbd3myb&fsb=1&dtd=186 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1691026390&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691026390804&bpp=2&bdt=620&idt=171&shv=r20230731&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5349190888647&frm=8&ife=4&pv=1&ga_vid=935830413.1691026391&ga_sid=1691026391&ga_hid=1439406150&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3579293590&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076510%2C31076733%2C31076448%2C31076693%2C44788441&oid=2&pvsid=839725920084735&tmod=256106718&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rwpa5nsj9p28&fsb=1&dtd=195 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d469b5f813990d4faa67f6f8f54ed89.safeframe.googlesyndication.com
3383bcd698479106b9b9719547554826.safeframe.googlesyndication.com
5ac32c5719974dfdbf6d5b45e800c0d3.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
d-13269575093767967297.ampproject.net
delivery.adrecover.com
dmp.im-apps.net
e3.adpushup.com
eus.rubiconproject.com
f36b0ea1c4ee3543d1c9f3f5063a7e02.safeframe.googlesyndication.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-apac.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
rules.quantcount.com
s.company-target.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
static.bg3.co
103.231.174.251
108.138.7.64
141.226.224.32
141.226.228.48
142.250.184.194
142.250.184.226
142.250.185.206
142.250.185.65
142.250.185.66
142.250.186.130
142.250.186.138
142.250.186.168
142.250.186.35
142.250.74.194
142.250.74.196
151.101.1.44
151.101.65.44
162.210.196.208
172.217.18.1
172.217.18.14
172.64.165.28
172.67.71.254
173.194.76.155
178.250.7.13
18.66.97.30
18.66.97.34
185.106.33.48
188.125.72.139
192.96.203.13
193.108.153.15
193.108.153.25
216.58.212.161
23.212.211.47
23.37.226.112
23.38.81.233
23.97.225.52
3.124.251.238
3.233.146.33
3.75.62.37
34.120.96.193
34.255.212.168
34.96.71.22
35.186.215.140
52.223.40.198
52.68.208.5
54.199.134.236
69.16.175.42
69.173.144.139
69.173.144.165
69.173.158.64
87.248.100.137
87.248.119.252
91.228.74.166
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02e0876345c1eb93793970c6625afc5cbd68044ee2504ddf875c1f6dd82e6abd
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0e8609ac3b8fde7662ac69a8ce09a1422f8d8daf634a7836d75bff5b39c61faf
114113a1f50b0fe0dc53192fffec0a92343cd9bbd00450cf51bd79e92a6eb8bf
120d6f4483a00a7bccde9737c262e1085fb41e91ac401ec44ec4faf16ecceab6
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
16115dffdacfd399af1f392baf830a8ea41570cd9370921eb681ca8d622ac043
167e6d125f23e55ec6548e3de1daf4191cc0ca8396f6306079d711750284c792
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
195251f734458153a0d5d070fc3439725d825ecea5bf2d10e2200f54072c36ca
1a41e0bc29c53a7090d3a85031d456e1cd811e07e185e5b2c358432ae692dbe8
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1f020424ecff1a1913024a44d7a474cc5efb78a29481f167e6647bccc56d9479
22c151a9591ffc0b492181d688621885c48a0ad53b3a18fa52d26956b0efd503
240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d
25d317efee5f5cf492af36e71198bf4d5f24b767ffa0ea5e18ff0755ac656328
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2dfe27b88ffa0378bb53d1ad5e1f656d05adb0604b53fdd72ef341160b069c60
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e45d1306e6036820958c5dea9a4a3e90c316e3ea21b7a4020cc8af091bda782
30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53
312f5d3b3452d422d91f54a1cd9eac5eb7803b6271bd0872fafd331f761d46db
32dc9979083578f034282905b0bce2b9e71382fbd680a9f7ce92f47116fbba9e
33a6bceccdad3831c446c41d3f3eccf4753b5646b9205cda82960bb4dcd2249a
3665aacaceaa4bcc670183736fe655c0767bbc33c088e2c2a4c49cf932e3cb00
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3973cb55df9a5b6cb4455c50724a1bd7085b4ef8b1006996def9d92436c4e732
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404edfcda07a442d07e6c22ea8cd62ec602b410d4441f9452feae3665ee4137f
42d12985e4e2496cf02cb17f392c1c621764b222ec223013e37cda04d96b15ca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ddbed3c7db1ccffb186e3d9f9a905ad0b2a762ab94fb23f106faaeb7151d2c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b0b773422f11c4faceb80905f56e5278797adab462253f000bca3aa0a9f24d8
4c706fa6891ab8ec3b09b2884c624b475844b5d3a2454142b731e551ad104664
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
503803982c8ce45a58f2a63f06463f34c9477211205372a577d3ad13e08ffd7d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561a5bbef435b3225bcfc01da06de59c4ca0cb94f4f9eb0210b4f6c7c467524b
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5aa69f0db0c2952fa2aa02cd6673001e86bfd7e62315a3af9d51c8b972544e23
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5df96f02ec095309b81f3c463f2ea906121d8cd95b1fe3b6472a50d0f40bb6ea
5fa38a30072ad287ec4f9990462eb0b79b84d34b2c95588842a4db6d9693ce75
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
63e72d83ce6dbb309f558caa866bd2de5ce84550846247017800ea249b451975
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
6776b347156d0a2704147cabdea67ae468aa98cd410c0e9f0d94b7ba580055b5
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a0411e2bb54a0b2b42b10c4fee4143f56225dedc3d760c3200a33c2dac75aa0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1841d6496b396b8024af92c18c36747efb0724510ac8a61244abe15e9213de
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6bf122b7054e352794e08cd127c0c3fe32ecc2a258bde31001745898fbef7cce
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6ee956e29c698a19b60afe8baa6b2aa2aad5ea5f99491d3f97d3e57c883ddd55
6f045c77105449b9cf249a50595c8c18689dde73a28cc58badeff619316e09cf
6f9b371d31faa2bbdc595f3e9039ccd329c12056b564d1462e248e22d0404930
7112e98f589ecdd5c33b43ad1def7678f4d9cc0a977b8491d71ce9a339843f96
7490e1067081974b8a0d835b0328c212ede192a2da2dff3fbbe2a48fe73884f0
75121139206ffbc6b85233db0520027d3cf8dff5c6c2ef536302048d342052c4
778e25c0fb0646d0a3caf051fec93045137cd3a39eaa05061edcb1de17e9ee5d
78effd20f3137c2a5f4e4926ad3c7f5cb4f3f5a7fa78cc1502f852753943ae58
79ec8273f7846029e24f21aa8dd8571dbf5ef42ea9c50933e7d838a876c9de12
7aabf43feb1a7fc3ab72a0e668ed7a2270a372e6302e3d9c597276da6688b669
7aeb79f60a16395b0f980556f6421e611710f447efd99ad7072d88eb4cb5f94d
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
813259c2c1f1d3b42d9a6749d793fcc4d9cdf352160fb907c41a0e71c2de0b9c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
869194b2a939e0390690f9a5597b53d3283b0b1f29b56c52db698366166075c1
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87978845c9403539d099367376d875cf5f65c0f389cf75951d80a4ff8f1566ff
88df65a6415b8df0c9a7cd4dd874368a3d00f22b2e37d165158fc0fb7b948d2b
89c98a9c7a8afa4a8d27441e2fe85c2928d71021e4ed4a10cc53a5f3167a88d1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9486ff4441682f55116505a35570ee23d003129bc47cd124f4bc66f59617ab09
949ad5326fa8d3792d6e08e32b1070fa84e124189639fe17882a7b1c87f67b15
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9949829e50fa7f7b67af64827ca019aa4a50fff98b7a5506b66828a4d5e10b30
a03d848108834b8de55b7643945c5286960f72456a90b13bb34c25aaaa2f92aa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a9259dff6cfde73b43435e96b80eded7ce9a880c8505f0f372035c3665f7768e
a9bcfeccdabb2efe79ca4269a4576b47b3b40beb028358830eb27948af064206
ac175a8c3e5f4da902397a92b31f957394c4add3bdfd1672e33b9b3a871fd5f9
ac4a5d4f7704bfabd97126241009d730d156e68859c8bd7d0db1f049acc39e95
ac9b3fd5d4536e08e84286e2b1609fd556d061553dead32c4006972865a203ca
adca2f060e122a2e91558d2092a7b9cfcc9290ed24751a5d3ea391db6f8ed53c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b716ca55d75d073ff68df99fc2cc8b7b2ddf87dcd2a7886300d76c682bf0c83b
b8394c49ee89ce9f45ce2ea337f1a86ff36a488bc7c97e0bafc9913a5dd10e37
ba1573e71010ae0e7c093f3613ca3c79aa73f9afddd397cbc592e62e90a85197
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bcfec993b08befd1f4360a3b4672227540cfcc11168c96b2305eef106f1d1460
bec100a88725b8aa87c85af62b54a24314255cf4f2f9a40eb49a5f4606b37fd9
bf5f136d6133046374dbe85acf45474da9fdf91d685eaa5c3557025243f97644
c09fcb11840d38e862d0f31b0a252007826f270ad78998d8f4f5321469bbefc2
c22797992dd1d24b0a0ca26c91d8db543627e90afcc35db9e65416373888359b
c3b841038d3e92059d020f8e07ac081fe3e75b5d274f88107475158bd05a834d
c48591cdfc185a972b061eda640a0622c21df74c1cccc81c1867970e1e6d1567
cee485246cdd0c208f39c2c3a38da5966166e82cb8da88809defdcbfa382dcda
cf90fafe87467629de54d30ad2a7aa91d751f4aa2e734d20c0f4d5211455fcba
d4b19578bf0b1848effb5ad2bf973e09371af0744e25dec9b53ac084b82d9f76
d7285e0872aa01a490b731b251a846c5adca149900ce3c5dbb28a6744c0493ee
d78ff10d283669855ed14a9d72329c2458d41bd06e97eca04a16f49a0bf58ec2
d82f4cc6d905f546b52964d6f208a5c66fecada2b98ceebf6c6304e04cf99afc
da25b339479e7c7eb79fa0d42dd011348897ada0b0ca4660dfe5c39ac96bef7f
db3a22d233f4e5bb4e6b74af67901d56e31ff5328343887ae30ad57644431c7b
dc2e935a1e0c8c9dda218fc1e166cda3b86ed878e45b6075bede348ccf7b17ec
dc8e1425fe0fc94486b6244aba1ae560e580fa020509517d5e8d9438609192f2
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e09e2eb7bfc87ad6c2f71e271e37ee4a95f7edcc24337f898f5131cf2873c26c
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4077dbb5f338c16febe543c4b1fc9d927c176ec63b7afbc7bfebbaaa77dcf10
e56824d82517f20b50a53780f4f13b41be041ee9a5a8027ffc00c1756ee3f043
e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d
e74e86a514eb129ff57912cb4b08dfccaefa4afd014feeb764504f421b0703a9
e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30f3be8f6888bccb8c6c894afb68a289ac4ae863f65c534c9a508a1e8d31377
f4bfdecca1d58211ad1f18ea135a7216922dff2f38001d9ab27820a20ecc4259
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

313 Requests

89 %HTTPS

0 %IPv6

33 Domains

68 Subdomains

51 IPs

9 Countries

4421 kBTransfer

12533 kBSize

14 Cookies

15 Outgoing links

Redirected requests

313 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

313
Requests

89 %
HTTPS

0 %
IPv6

33
Domains

68
Subdomains

51
IPs

9
Countries

4421 kB
Transfer

12533 kB
Size

14
Cookies

313 HTTP transactions
3 data transactions