www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Submission: On August 04 via manual (August 4th 2023, 5:12:30 pm UTC) from US — Scanned from PT

Summary HTTP 324 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 49 IPs in 9 countries across 31 domains to perform 324 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
5 11	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	104.26.5.103 104.26.5.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	193.108.153.15 193.108.153.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	193.108.153.25 193.108.153.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
48	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	54.150.78.24 54.150.78.24	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
39	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 26	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	91.228.74.168 91.228.74.168	16509 (AMAZON-02) (AMAZON-02)
2	23.53.42.112 23.53.42.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.45 108.138.7.45	16509 (AMAZON-02) (AMAZON-02)
40	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	52.193.39.238 52.193.39.238	16509 (AMAZON-02) (AMAZON-02)
3 3	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
10	23.52.120.246 23.52.120.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.30 18.66.97.30	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	172.64.165.28 172.64.165.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	99.81.196.90 99.81.196.90	16509 (AMAZON-02) (AMAZON-02)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	3.233.145.253 3.233.145.253	14618 (AMAZON-AES) (AMAZON-AES)
1	173.194.76.156 173.194.76.156	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	18.66.97.113 18.66.97.113	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
23	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
8	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2	87.248.119.251 87.248.119.251	203220 (YAHOO-DEB) (YAHOO-DEB)
2	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
2	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
324	49

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.65 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.96.203.13 (Manassas, United States) 5 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-15.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.108.153.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-25.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.150.78.24 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-78-24.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 142.250.185.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.206 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.42.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-112.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-45.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.193.39.238 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-39-238.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.211.47 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-30.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

d-509506171156017602.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.165.28 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.81.196.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-196-90.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.145.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-253.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-113.fra56.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.129 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

35189559557f5bf1ceb52f857ccaacc9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
78d57b2749e1b63f643b7a4d91179f4c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1c7d22732f601ceaebaa5f7bcfab7701.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11334f4278a8ff2c7e69546956f6b87b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.184.193 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.228 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.251 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 926 trc.taboola.com — Cisco Umbrella Rank: 672 vidstat.taboola.com — Cisco Umbrella Rank: 2808 il-trc-events.taboola.com — Cisco Umbrella Rank: 19288 images.taboola.com — Cisco Umbrella Rank: 1776 imprammp.taboola.com — Cisco Umbrella Rank: 13531 am-match.taboola.com — Cisco Umbrella Rank: 13578 wf.taboola.com — Cisco Umbrella Rank: 2936 am-vid-events.taboola.com — Cisco Umbrella Rank: 12691 vidstatb.taboola.com — Cisco Umbrella Rank: 5235 pips.taboola.com — Cisco Umbrella Rank: 1641 cds.taboola.com — Cisco Umbrella Rank: 1872 am-wf.taboola.com — Cisco Umbrella Rank: 14730	2 MB
66	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 35189559557f5bf1ceb52f857ccaacc9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 158 78d57b2749e1b63f643b7a4d91179f4c.safeframe.googlesyndication.com 1c7d22732f601ceaebaa5f7bcfab7701.safeframe.googlesyndication.com 11334f4278a8ff2c7e69546956f6b87b.safeframe.googlesyndication.com	973 KB
29	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 ad.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 115 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	798 KB
19	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1189 eus.rubiconproject.com — Cisco Umbrella Rank: 622 token.rubiconproject.com — Cisco Umbrella Rank: 648 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1250	57 KB
14	aralego.com 5 redirects ads.aralego.com — Cisco Umbrella Rank: 38577 sync.aralego.com — Cisco Umbrella Rank: 3449 agent.aralego.com — Cisco Umbrella Rank: 230342	10 KB
12	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 14143	204 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 418	219 KB
9	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1724 www.google.com — Cisco Umbrella Rank: 3	14 KB
8	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491 ups.analytics.yahoo.com — Cisco Umbrella Rank: 329 ads.yap.yahoo.com — Cisco Umbrella Rank: 14169 geo.yahoo.com — Cisco Umbrella Rank: 1332	3 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 17725 e3.adpushup.com — Cisco Umbrella Rank: 18458	277 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55 region1.google-analytics.com — Cisco Umbrella Rank: 1869	664 B
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 94927	39 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 385	793 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 62528 sync.logly.co.jp — Cisco Umbrella Rank: 65693	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26249 audiencedata.im-apps.net — Cisco Umbrella Rank: 28861	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 572	60 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	113 KB
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 855885	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	912 B
2	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8629	505 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	84 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1256 pixel.quantserve.com — Cisco Umbrella Rank: 995	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 28981	11 KB
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 19954	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	ampproject.net d-509506171156017602.ampproject.net
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1197	633 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 431	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 91282	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	16 KB
324	31

	Domain	Requested by
40	il-trc-events.taboola.com	www.bg3.co
39	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co agent.aralego.com www.googletagservices.com
23	tpc.googlesyndication.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co
23	images.taboola.com	www.bg3.co
18	securepubads.g.doubleclick.net	cdn.adpushup.com cdn.aralego.net securepubads.g.doubleclick.net agent.aralego.com www.bg3.co www.googletagservices.com
14	cdn.taboola.com	www.bg3.co cdn.taboola.com
12	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	eus.rubiconproject.com	nt.compass-fit.jp ads.aralego.com eus.rubiconproject.com am-match.taboola.com
8	www.google.com	tpc.googlesyndication.com
8	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org pagead2.googlesyndication.com
7	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
5	token.rubiconproject.com	eus.rubiconproject.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	agent.aralego.com	4 redirects
4	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
4	www.google-analytics.com	cdn.ampproject.org www.bg3.co
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	sync.aralego.com	ads.aralego.com www.bg3.co
3	trc.taboola.com	cdn.taboola.com
2	geo.yahoo.com	adx.holmesmind.com
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	ad.sitemaji.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	http-intake.logs.datadoghq.com	cdn.adpushup.com
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	ad.doubleclick.net	1 redirects www.bg3.co
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	am-wf.taboola.com	vidstat.taboola.com
1	11334f4278a8ff2c7e69546956f6b87b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	1c7d22732f601ceaebaa5f7bcfab7701.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	78d57b2749e1b63f643b7a4d91179f4c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	35189559557f5bf1ceb52f857ccaacc9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	vidstatb.taboola.com	www.bg3.co
1	pixel.quantserve.com	www.bg3.co
1	stats.g.doubleclick.net	cdn.ampproject.org
1	ups.analytics.yahoo.com	imprammp.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	amp.analytics-debugger.com	cdn.ampproject.org
1	fonts.googleapis.com	cdn.taboola.com
1	d-509506171156017602.ampproject.net	cdn.ampproject.org
1	rules.quantcount.com	secure.quantserve.com
1	l.logly.co.jp	nt.compass-fit.jp
1	secure.quantserve.com	cdn.adpushup.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	gum.criteo.com	cdn.taboola.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
324	66

This site contains links to these domains. Also see Links.

Domain
popup.taboola.com
trc.taboola.com
www.bigglobaltravel.com
www.conselhosetruques.com
storytohear.com
pjbmu.com
lifehack-app.com
rxh511.llsdzktnxwnnr.com
perfectadd.art
1t5cbr.llsdzktnxwnnr.com
915ac9.llsdzktnxwnnr.com
track.trk51.com
5minstory.com
trk.go-aas.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 48 frames:

Primary Page: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Frame ID: 7EAF6FAEB48DFA82A8A5EFEA1E126B55
Requests: 171 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 168C119C7DB9ADD5F19E147BEB52824A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 2D028E2B58364F9B8902D496633D3A27
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: A88D3C49180B23FCE46DFB91C8DC8BBF
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: FF078E9C390A90384C0F2DFAB44895A0
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: A773DAAC436EE59309422FF053771159
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&cmcv=&pix=undefined&cb=1691169142225&uv=3313&tms=1691169142225&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2061368-9154-4088-9f19-a5a318de6ee5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: A1FD8B3A5572EEE5B6BDAA2C93C42C85
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 6BDE15B5AE2CE458678CE8741F25E5A9
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4D89B28D0EF4E66559D74D09C7812DB0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 920FB8BD14680C17CC22F41141C3ABC0
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 683604B0D6AE8BCE4228CFE7A466911E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-431208314610357599&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3116&oid=2&is_amp=5&amp_v=2307212240000&d_imp=1&c=187006897&ga_cid=amp-D1SARxX8drOmvGAZKqGP7g&ga_hid=6897&dt=1691169143177&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&bdt=3263&dtd=156&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: C7BAC0914E5F6C19970C6C9DA51FC860
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: D0DD4CBEDDFFE279E493D81446221D30
Requests: 5 HTTP requests in this frame

Frame: https://35189559557f5bf1ceb52f857ccaacc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CB6D8378FE5DCAA1804E28BBA57B460E
Requests: 1 HTTP requests in this frame

Frame: https://78d57b2749e1b63f643b7a4d91179f4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9E391DCDE30921FC3EB63B2F86B813DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 666CFE1EDA08772F7516D0DD4BA79A5F
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B28FD95823BDC255ABD9CA5ED93CABD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3FC12B9AB85282AC5A08FF94DDEEDF1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B020D9BE4D83DE35E4577C761E58E4BF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D5034A2AB3CAB3EAEDB8E2569588870
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A92F46E0DC4E850BF517B92CB3F14194
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2E50013AC061C1EFFC786C7BBA4F653
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: B12318770DD2C67726E5E8EC0E37F7CB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45DF257666C47718377D0FAC5C59E8E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89C5F9551314435280B052FD4F34A561
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 281D01E97EB02383912A538E139E481A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 42310126E7B714CC38F94894598A860D
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 23B6BFC090EAAA6AD28AE81288A3B707
Requests: 6 HTTP requests in this frame

Frame: https://1c7d22732f601ceaebaa5f7bcfab7701.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 4E671EAF197D97BF9B40469BC5072C19
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1182771DBACB5E72B89F18BBCB06030C
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-FhQjC-LiZawWvMzDgg9-JxvVqGNW5D9pJcABm8JffZe_5FWqr_UppdV4yGEvX6rlnRLnOghfZWqsBYebRApWvldj5MKh4H9BzW99Nuum2wMsuEYFmT9RyvVe9TZcBQyzhvYdHbNe7lqlY4YOvB315_gNw38DVOg2pxkC4tGX0WGxh_6nZsId9liv5Qaf48JIZSjbK4pQb91zSk1mPrPrVhDPqumxR9Nk1qtI3S6FQJyA4RxB2q9Linqfcsflz3Ot19L6WqH0PZtja90QpjsYocmrN7AKaGyiryZSfKVyoNfvzDcyRxYYeDoxSpNWmiCD9ujQwxntnFaHhqE&sai=AMfl-YSJAguCFYxfJ-CnlJnn65q2QVrpDrbxfthGZEZ3aSLM-VGnSkhVPiEWEEehN5PBH4CEwaSfrw0IhC8Mi-53itBuGRczsaJZOQvpBw&sig=Cg0ArKJSzICRcxC2g9iREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EB294AE192E0189D11D405CE66DFC15D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1EEE64BA74BAB8F360E6D5599B7659D7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBBC1CA4753660DC511EDF2187654936
Requests: 2 HTTP requests in this frame

Frame: https://11334f4278a8ff2c7e69546956f6b87b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 90CEC0F15AFC719DE3B735147623A255
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_qngK0HqAhkUPOnGr9F91DIPSoiKNTLinFNLIsfQ8cHugW8Lq_TDPMlbE31tFadce4RI84q8BRNB_8riYKFaTs1CIQzA3mUiAtIwiktrZwvnN4p6lNHt9BAd_94w36XRmj1k-D602Oget2JsRC-uLKfp8fyHs9ym9sxTp9VjiPiFwJJ6e-_QsAW6QdVeRV0hr4rC1W9v60Fh6Tr8L5umukRVegmImjnvLURV8c1ujUzVO09KjYxGqCRlAOlI4s2oDtSC9z8KhV98ZDNZ5qKrEPEKvytFGzqmfEKfrf0bIwujeOlZjzvFlj9_x8bRQSrJ7QYD_atFLWPA6mFk&sai=AMfl-YTGiQ2B87-W9Mxi-e0m81tRRddnSKtVn8Xk2gKNfvlZtL9Y_qq0CsdHgWXlLEt5HetY-cRjeUV1klq1-GFPkx3VqKX3_zGBkM7Ibg&sig=Cg0ArKJSzCj9m8lGLofGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E793616AE3C223682D190FD4361E14CA
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3617F6D734634540FD222047CD23CA17
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C726F06768B82A4452286900E68FEE8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 5D701B4BF4B80E99AAB06D68AF468401
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: 98428BC49DCECBB7135F3C54CABEE9F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1691169149&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149249&bpp=4&bdt=423&idt=281&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=3048876141831&frm=8&ife=4&pv=2&ga_vid=501774154.1691169150&ga_sid=1691169150&ga_hid=355623248&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3696207329&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076469%2C31076087%2C31076482%2C31076510%2C31076696%2C44796632%2C21065725&oid=2&pvsid=2125168025372113&tmod=834266751&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ukmzwrsgrcrf&fsb=1&dtd=309
Frame ID: F9BA7D5C9D69A76A458A210E9775A376
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1691169149&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149249&bpp=1&bdt=423&idt=294&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3048876141831&frm=8&ife=4&pv=1&ga_vid=501774154.1691169150&ga_sid=1691169150&ga_hid=355623248&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3696207329&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076469%2C31076087%2C31076482%2C31076510%2C31076696%2C44796632%2C21065725&oid=2&pvsid=2125168025372113&tmod=834266751&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.p3g3epcbfu54&fsb=1&dtd=315
Frame ID: ED4FDE987B07F8FB97F2CDDAC683287B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 0946635C060242BB1C8DDADDC738BB0B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B2AD3354BDCBDC697CCA94616C6A6BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3651251D0CA4CA6E17DCEEB1191566E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1691169150&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149774&bpp=4&bdt=648&idt=286&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=4596376478755&frm=8&ife=4&pv=2&ga_vid=549601185.1691169150&ga_sid=1691169150&ga_hid=559704480&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4293469109&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31076482%2C31076510%2C31076653&oid=2&pvsid=4015208259093804&tmod=890660671&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.1mnq6rtxkhxj&fsb=1&dtd=310
Frame ID: F3D6481FDB70665A49687D0FB8CE37DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1691169150&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149774&bpp=1&bdt=647&idt=294&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4596376478755&frm=8&ife=4&pv=1&ga_vid=549601185.1691169150&ga_sid=1691169150&ga_hid=559704480&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4293469109&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31076482%2C31076510%2C31076653&oid=2&pvsid=4015208259093804&tmod=890660671&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.vsp6m5z5o546&fsb=1&dtd=319
Frame ID: 20F883596E49D7EF625D77ED43D37D32
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C9A1C048A2A971D2B835964DEFE94F2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52BC6BAFC32FAF2E92438FA470536762
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

端午全臺飆高溫！中醫師教自制洛神烏梅汁、防蚊包 - 天天要聞

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

324
Requests

92 %
HTTPS

0 %
IPv6

31
Domains

66
Subdomains

49
IPs

9
Countries

4524 kB
Transfer

12639 kB
Size

12
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ri=e364fc53ce5cd0e84ffc76930c20e8c1&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&it=text&ii=~~V1~~-904043495400908247~~MzBekeY3HPASWb3lwSGWd8L4f_-6Wq8jv8-LRsLGRUmxeXQGhMgMyta5rZomKyrsPn94eeVGNe5GDyhTMv346sUyI9zJP5zsCUrgvE1selH04NiLlIkCdscJlynvusRufe3jmgHZXC04GgECm-uojQ&pt=text&li=rbox-t2v&sig=e237bf15074d9a29563c978bd22c3d268305c974508d&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fclk%2F563686785%3B372774406%3Bd%3Fhttps%3A%2F%2Fwww.elcorteingles.pt%2Fofertas-limite%2F%3Futm_campaign%3D20230803-ver-ofertaslimite-I%26utm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_gmpid%3D372774406%26utm_content%3D3719019281_http%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F5555dd5a250e43723cc5329af7c637c6.jpg%26utm_term%3Dpalmate-bg3co_1524057%26utm_artemis%3DAproveite%2Bos%2Bdescontos%2Bem%2BModa%252C%2BCasa%252C%2BDesporto%2Be%2Bmuito%2Bmais%2521%26tblci%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDZyFMoq573g__15_GAAQ%23tblciGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDZyFMoq573g__15_GAAQ&vi=1691169140683&p=elcorteinglsportugal-sc&r=36&lti=deflated&ppb=COoB&cpb=EhMyMDIzMDgwMi0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxMzM4gJKAzAtAhNQMSL7YDFDj7NgDWP___________wFjCNA3EI5TGDBkYwiqNRCITRgyZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI5EkQu2EYOGRjCP9GEO5dGB1kYwj0FBCeHRgfZGMI8f__________ARDx__________8BGA9kYwikJxCKNRgvZHgBgAECiAHJgoxJkAEcmAGg4KSMnDE&cta=true
Title: Compre já

Search URL Search Domain Scan URL

URL: https://www.bigglobaltravel.com/cities/world-borders-pt-ai/
Title: BigGlobalTravel

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/saude/medicos-alertam-recipientes-de-plasticos/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://storytohear.com/pt/ho-to-clean-a-burner/
Title: Story To Hear

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/saude/3-sinais-de-que-voce-provavelmente-range-os-dentes-durante-o-sono/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://pjbmu.com/go/5d2cc1e9-c27e-4eb4-bd6c-345831b3435e
Title: Carro elétrico para idosos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ri=9f4c8431108cb834d5c701c8aa6e5e8e&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&it=text&ii=~~V1~~-4467127564505210298~~qxxaHdFowQPSwx9NDX0DMFJkJfryULfgiOBETheZTgxyNpbgedRdYuhjTdtdbeHkc727pjYrZ0dbCVZs27M8_2uHRcdZ7W2U5z46CTP14tV5b7MvFB3l9dnkci_UZtrGds6CuiXMzmM2XQa7kNG2qU2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=a53a436f6b8f62a9a4a74896c30694dffe6c542f100f&redir=https%3A%2F%2Fpjbmu.com%2Fgo%2F5d2cc1e9-c27e-4eb4-bd6c-345831b3435e%3Fcampaign_name%3DElectric%2BCars%2BSeniors-pt-PT-D%2BKW31%2B%25282.5%2529%26campaign_id%3D26571715%26adgroup_name%3Dpalmate-bg3co%26adgroup_id%3D1524057%26creative_name%3DNovo%2Bcarro%2Bel%25C3%25A9trico%2Bpequeno%2Bpara%2Bidosos%253A%2Bo%2Bpre%25C3%25A7o%2Bpode%2Bsurpreend%25C3%25AA-lo%26creative_id%3D3718386046%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNovo%2Bcarro%2Bel%25C3%25A9trico%2Bpequeno%2Bpara%2Bidosos%253A%2Bo%2Bpre%25C3%25A7o%2Bpode%2Bsurpreend%25C3%25AA-lo%26click_id%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDQxl4o4JKbzs6OtInUAQ%26tblci%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDQxl4o4JKbzs6OtInUAQ%23tblciGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDQxl4o4JKbzs6OtInUAQ&vi=1691169140683&p=hi-electric-cars-seniors&r=37&lti=deflated&ppb=CM4D&cpb=EhMyMDIzMDgwMi0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxMzM4gJKAzAtAhNQMSL7YDFDj7NgDWP___________wFjCNA3EI5TGDBkYwiqNRCITRgyZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI5EkQu2EYOGRjCP9GEO5dGB1kYwj0FBCeHRgfZGMI8f__________ARDx__________8BGA9kYwikJxCKNRgvZHgBgAECiAHJgoxJkAEcmAGg4KSMnDE&cta=true
Title: Leia mais

Search URL Search Domain Scan URL

URL: https://lifehack-app.com/pt/
Title: lifehack

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ri=9ce9d1403880d728079a2dd4056fc05a&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169141_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&it=text&ii=~~V1~~-1759802803310014691~~dZBVjDJGgPt7_cZs7lK2UQISVMEP9DX9JUCP-b4ptOtw6cLzOYgYTH58zK8cIqqSJYwBf8qw91kZ_9jOpdBBUC-gReRCTQeE035i1yekV0Zro9AteEY7Cx9gWYuGUBWtRdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=c91e53dd2daf575ca1c682e14f5c3efa9ff535a8c2a7&redir=https%3A%2F%2Flifehack-app.com%2Fpt%2F%3Futm_source%3Dtaboola%26clickid%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiCkglwokbyOz_3p_PEp%26subid%3D26245065%26subid1%3D3712130570%26subid2%3DDesktop%26subid3%3Dpalmate-bg3co%26subid4%3D1524057%26subid5%3D2023-08-04%2B17%253A12%253A22%26__sid%3Dfafaecf0-d105-48a2-b0f6-01f814827010%26tblci%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiCkglwokbyOz_3p_PEp%23tblciGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiCkglwokbyOz_3p_PEp&vi=1691169140683&p=digilab-sc&r=78&lti=deflated&ppb=CIoD&cpb=EhMyMDIzMDgwMi0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNjk4gJKAzAtAhNQMSL7YDFDj7NgDWP___________wFjCNA3EI5TGDBkYwje__________8BEN7__________wEYImRjCKo1EIhNGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCORJELthGDhkYwiWFBCfHBgYZGMI0gMQ4AYYCGRjCP9GEO5dGB1kYwikJxCKNRgvZGMI8f__________ARDx__________8BGA9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHS56SMnDE&cta=true
Title: Saiba Mais

Search URL Search Domain Scan URL

URL: https://rxh511.llsdzktnxwnnr.com/
Title: Piscinas | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ri=671e7f6cac1521c4c701932279b238b8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169141_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&it=text&ii=~~V1~~4504988378040719468~~alFXN9Qmewzi3OM8U7y3yxGzC0ujIp-0gffcOyh3WmN9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l16xQ-F7zlBKXjBek9PAy_PSxqAMvqBQ8eqSP66YjP_A2Qg41dgAZMtE3ficY8PD7d0xLoHeXOFqQsuvibucL6JNME3FIWDZNlT7mtVeMfctYZpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=0423bf65037224c471cd95b98d54db9b3403fbb34e55&redir=https%3A%2F%2Frxh511.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DA%2Bnova%2Bgera%25C3%25A7%25C3%25A3o%2Bde%2Bpiscinas%253A%2BOs%2Bpre%25C3%25A7os%2Bem%2B2023%2Bpodem%2Bsurpreend%25C3%25AA-lo%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiCinFwojKa-z_Gsl8zJAQ%26subid4%3Dea-pt-a-pool1pt-568055-a3107-tb%26kw1%3DJardim%2BBarato%2BPiscina%2BCom%2BCobertura%2BPre%C3%A7o%26kw2%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7o%26kw3%3DComparar%2BBanheira%2BHidro%2BExterna%26kw4%3DComparar%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw5%3D2023%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw6%3D%7BCity%7D%3A%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw7%3DComparar%2BPiscina%2Binstalada%26kw8%3DPiscina%2Binstalada%2BPre%C3%A7o%26kw9%3Dlista%2Bde%2BPiscina%2Binstalada%26kw10%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7os%23tblciGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiCinFwojKa-z_Gsl8zJAQ&vi=1691169140683&p=mmosworld-clothing-sc&r=90&lti=deflated&ppb=CJwF&cpb=EhMyMDIzMDgwMi0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNjk4gJKAzAtAhNQMSL7YDFDj7NgDWP___________wFjCNA3EI5TGDBkYwje__________8BEN7__________wEYImRjCKo1EIhNGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCORJELthGDhkYwiWFBCfHBgYZGMI0gMQ4AYYCGRjCP9GEO5dGB1kYwikJxCKNRgvZGMI8f__________ARDx__________8BGA9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHS56SMnDE&cta=true
Title: Leia mais

Search URL Search Domain Scan URL

URL: https://perfectadd.art/click_taboola.php
Title: Geladeiras | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ri=671e7f6cac1521c4c701932279b238b8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169141_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&it=text&ii=~~V1~~2610492907108992662~~_MvJfG55fLk8i7nvuLRMBT9tmr9Evzo-H1FAE3wg-1lyNpbgedRdYuhjTdtdbeHkAMR6N-neyHTDxGkhKOVyKoPYvDs_vkv-HL_CdGiLMrWT5GCZMQfrbesy3iNGtgUPRdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=95db25a339673ff0cbeb880651b3b87c92dcad04f27d&redir=https%3A%2F%2Fperfectadd.art%2Fclick_taboola.php%3Fkey%3Di2xdo34jrg1bcrx7c58r%26click_id%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDC3FYo2NSVu738x9DwAQ%26utm_cpc%3DDAgsYgqD5EFrcVfWXAPJhZoaQMmJiY9gxSyRlOcBtoA%3D%26site%3Dpalmate-bg3co%26site_id%3D1524057%26title%3DArcos%2BDe%2BValdevez%253A%2BGeladeiras%2B%25C3%25A0%2Bvenda%252C%2Bquase%2Bde%2Bgra%25C3%25A7a%2521%2BVer%2BPre%25C3%25A7os%26platform%3DDesktop%26campaign_id%3D26459430%26campaign_item_id%3D3716617046%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fc8d6b46cac1827bf1c3fa1bbbae8bda9.jpg%26tblci%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDC3FYo2NSVu738x9DwAQ%23tblciGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDC3FYo2NSVu738x9DwAQ&vi=1691169140683&p=adders-other-sc&r=29&lti=deflated&ppb=CJwF&cpb=EhMyMDIzMDgwMi0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNjk4gJKAzAtAhNQMSL7YDFDj7NgDWP___________wFjCNA3EI5TGDBkYwje__________8BEN7__________wEYImRjCKo1EIhNGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCORJELthGDhkYwiWFBCfHBgYZGMI0gMQ4AYYCGRjCP9GEO5dGB1kYwikJxCKNRgvZGMI8f__________ARDx__________8BGA9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHS56SMnDE&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://1t5cbr.llsdzktnxwnnr.com/
Title: Carros elétricos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://915ac9.llsdzktnxwnnr.com/
Title: Carros usados | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ri=4c41b4a67f8fb7207b8dfef6ed4ab5bd&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169141_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&it=text&ii=~~V1~~6033849917226182036~~VDZ3Fyl4bqwq2KRrFNGO3IM3cFZGeLXcShn91OR95YVw6cLzOYgYTH58zK8cIqqSROuLfU8ViNmH_B7cGvTC0CQ8uvbUrMm91EgKaAErHuTM1Kay2unK4e7Ts7KvwUZOEyiUg2218cYZxxELhmd5oPmDIhCreX2gYPy11UC2511jY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=9d8275aac9e00bf639cbc563cc64e4a0d0d94da833a2&redir=https%3A%2F%2F915ac9.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DArcos%2BDe%2BValdevez%253A%2BPoder%25C3%25A1%2Bficar%2Bsurpreendido%2Bcom%2Bos%2Bpre%25C3%25A7os%2Bdos%2Bcarros%2Busados%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiCBgE8orePk9L_Z8dn7AQ%26subid4%3Dez-pt-a-used3pt-286189-a0705-tb%26kw1%3DSites%2BCarros%2BUsados%2BPara%2BIdosos%2BPortugal%2B2023%26kw2%3DMelhor%2BCarros%2BUsados%2BPara%2BIdosos%2BPortugal%2B2023%26kw3%3DLeilao%2BDe%2BAutomovel%2Bin%2B2023%26kw4%3DCusto%2BJusto%2BCarros%2BPerto%2BDe%2BMim%26kw5%3DCarros%2BUsados%2BPortugal%2B2023%26kw6%3DCarros%2BUsados%2BBaratos%2BPortugal%2B2023%26kw7%3DLeilao%2BDe%2BCarros%26kw8%3DMelhor%2BCarros%2BUsados%2BPara%2BIdosos%2BPortugal%2B2023%2BPre%C3%A7os%26kw9%3DMelhor%2BSites%2BCarros%2BUsados%2BPara%2BIdosos%2BPortugal%2B2023%26kw10%3DLeilao%2BDe%2BAutomovel%2BPerto%2Bde%2Bmim%23tblciGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiCBgE8orePk9L_Z8dn7AQ&vi=1691169140683&p=mmosworld-auto-dt-sc&r=43&lti=deflated&ppb=CKIB&cpb=EhMyMDIzMDgwMi0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyNjk4gJKAzAtAhNQMSL7YDFDj7NgDWP___________wFjCNA3EI5TGDBkYwje__________8BEN7__________wEYImRjCKo1EIhNGDJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCORJELthGDhkYwiWFBCfHBgYZGMI0gMQ4AYYCGRjCP9GEO5dGB1kYwikJxCKNRgvZGMI8f__________ARDx__________8BGA9kYwj0FBCeHRgfZHgBgAECiAHJgoxJkAEcmAHS56SMnDE&cta=true
Title: Saiba Mais

Search URL Search Domain Scan URL

URL: https://track.trk51.com/8c4d5f1e-b861-4f8e-bb6f-9ce186e0ac23
Title: Elevadores de escada | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://5minstory.com/pt-watermelontricks/
Title: 5minstory.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trk.go-aas.com/sea
Title: SUVs | Links patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ri=5095affd6b8c3db55bea29d7fe92e9b2&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&it=text&ii=~~V1~~-904043495400908247~~7N7R7ftkWU_wKdODtHYJDsL4f_-6Wq8jv8-LRsLGRUnNPx5X3xPoQOfTqHxL0AZRPn94eeVGNe5GDyhTMv346sUyI9zJP5zsCUrgvE1selH04NiLlIkCdscJlynvusRufe3jmgHZXC04GgECm-uojQ&pt=text&li=rbox-t2v&sig=c0e9103599215a5b653a390c439b6dd42898a97c0984&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fclk%2F563686785%3B372774406%3Bd%3Fhttps%3A%2F%2Fwww.elcorteingles.pt%2Fofertas-limite%2F%3Futm_campaign%3D20230803-ver-ofertaslimite-I%26utm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_gmpid%3D372774406%26utm_content%3D3719019281_http%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F5555dd5a250e43723cc5329af7c637c6.jpg%26utm_term%3Dpalmate-bg3co_1524057%26utm_artemis%3DAproveite%2Bos%2Bdescontos%2Bem%2BModa%252C%2BCasa%252C%2BDesporto%2Be%2Bmuito%2Bmais%2521%26tblci%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDZyFMom7bmhpyNk_-KAQ%23tblciGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDZyFMom7bmhpyNk_-KAQ&vi=1691169140683&p=elcorteinglsportugal-sc&r=50&lti=deflated&ppb=CO0C&cpb=EhMyMDIzMDgwMi0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxMzM4gJKAzAtAhNQMSL7YDFDj7NgDWP___________wFjCNA3EI5TGDBkYwiqNRCITRgyZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI5EkQu2EYOGRjCP9GEO5dGB1kYwj0FBCeHRgfZGMI8f__________ARDx__________8BGA9kYwikJxCKNRgvZHgBgAECiAHJgoxJkAEcmAGg4KSMnDE&cta=true
Title: Compre já

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&it=text&ii=~~V1~~-904043495400908247~~FxxZ3LPRkp2_fKWgw7htpML4f_-6Wq8jv8-LRsLGRUl5Ubnla8sSsUPN7ckmSMkTPn94eeVGNe5GDyhTMv346sUyI9zJP5zsCUrgvE1selHCjsApvR1rhytp32cygFpDfe3jmgHZXC04GgECm-uojQ&pt=text&li=rbox-t2v&sig=83b906393442d7118ee83f9337d7bbf6d8f7add18ba3&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fclk%2F563686785%3B372774406%3Bd%3Fhttps%3A%2F%2Fwww.elcorteingles.pt%2Fofertas-limite%2F%3Futm_campaign%3D20230803-ver-ofertaslimite-I%26utm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_gmpid%3D372774406%26utm_content%3D3719019281_http%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F5555dd5a250e43723cc5329af7c637c6.jpg%26utm_term%3Dpalmate-bg3co_1524057%26utm_artemis%3DAproveite%2Bos%2Bdescontos%2Bem%2BModa%252C%2BCasa%252C%2BDesporto%2Be%2Bmuito%2Bmais%2521%26tblci%3DGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDZyFMoh52TuqfUvajpAQ%23tblciGiBRNmIYt19ThrC_NFdJqesXwauCnMuXk9kFrK_00pueyiDZyFMoh52TuqfUvajpAQ&vi=1691169140683&p=elcorteinglsportugal-sc&r=34&lti=deflated&ppb=CIoH&cpb=EhMyMDIzMDgwMi0xNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxMzM4gJKAzAtAhNQMSL7YDFDj7NgDWP___________wFjCNA3EI5TGDBkYwiqNRCITRgyZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI5EkQu2EYOGRjCP9GEO5dGB1kYwj0FBCeHRgfZGMI8f__________ARDx__________8BGA9kYwikJxCKNRgvZHgBgAECiAHJgoxJkAEcmAGg4KSMnDE&cta=true
Title: Compre já

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 64

https://ad.doubleclick.net/ddm/trackimp/N1026622.2069703TABOOLA/B30394074.372774406;dc_trk_aid=563784313;dc_trk_cid=196124228;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=bg3.co HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1026622.2069703TABOOLA/B30394074.372774406;dc_pre=CPP5lYDAw4ADFYPhuwgdlcQCig;dc_trk_aid=563784313;dc_trk_cid=196124228;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=bg3.co

Request Chain 96

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 113

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 173

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 180

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1691169143&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169142824&bpp=41&bdt=1866&idt=618&shv=r20230802&mjsv=m202307310102&ptt=5&saldr=sa&correlator=5933234084181&frm=23&ife=1&pv=2&ga_vid=1496562723.1691169144&ga_sid=1691169144&ga_hid=1353244589&ga_fc=0&ga_cid=amp-D1SARxX8drOmvGAZKqGP7g&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1824040908&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076509%2C31076512%2C31076687%2C31076688&oid=2&pvsid=942301330773389&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.stuh4026lrfh&fsb=1&dtd=1002 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 214

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 219

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1691169145&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169144624&bpp=20&bdt=3640&idt=393&shv=r20230802&mjsv=m202307310102&ptt=5&saldr=sa&correlator=5933234084181&frm=23&ife=1&pv=1&ga_vid=904049928.1691169144&ga_sid=1691169145&ga_hid=857971440&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1106&biw=1600&bih=1200&isw=336&ish=280&ifk=3640285050&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076509%2C31076685%2C31076687%2C44769661&oid=2&pvsid=2290228069847976&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qoour64m451m&fsb=1&dtd=464 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 232

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 294

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 295

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

324 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html Show response
www.bg3.co/a/ 55 KB
16 KB 1656ms
1105ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b458a68796fcaa7ef6ac071d2dedd3ad43eba0bde424e6f508485c29957f0115

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 04 Aug 2023 17:12:19 GMT
etag: "dd80-WI3MLxqfJRF8bCIs0ygajOXTtEw"
expires: Fri, 04 Aug 2023 17:27:19 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 671ms
239ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

bec100a88725b8aa87c85af62b54a24314255cf4f2f9a40eb49a5f4606b37fd9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 17:12:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72951
x-xss-protection: 0
server: sffe
etag: "8f4eaea38fc96a6c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Aug 2023 17:12:20 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
11 KB 513ms
82ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

ac4a5d4f7704bfabd97126241009d730d156e68859c8bd7d0db1f049acc39e95

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 17:12:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9715
x-xss-protection: 0
server: sffe
etag: "eb48d635b40b4bb9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Aug 2023 17:12:20 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 497ms
92ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

c22797992dd1d24b0a0ca26c91d8db543627e90afcc35db9e65416373888359b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 17:12:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7620
x-xss-protection: 0
server: sffe
etag: "8b05dcb7f07f21a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Aug 2023 17:12:20 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

192ms
73ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Db%2FypQM0J8md2f%2BvFHDSOyY6SD87sK0ASEBwbM64xnOmHzE0OBajL2O%2BRp4bYR18hHnIxEOWig83KW9glc11g97WxLZlFZEYMYuUPalUi1tNCZEEofn85JGqECx7cR5QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f186cb96e023849-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 338ms
84ms Script
application/javascript 193.108.153.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-15.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: db679fb04f86d00555bbdf7cc64d3f537339a48fbbefb4f0cbb43ab0c644b798

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 04 Aug 2023 17:12:20 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 07:00:29 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10017
expires: Fri, 04 Aug 2023 18:12:20 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 650 KB
137 KB 512ms
77ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: c3b841038d3e92059d020f8e07ac081fe3e75b5d274f88107475158bd05a834d

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 04 Aug 2023 17:12:20 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 04:50:44 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691169140340_389467673_42893874_49_947_37_0_146";dur=1
x-cf-geodata: PT
content-length: 139515
expires: Fri, 04 Aug 2023 18:12:20 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 422 KB
49 KB 412ms
254ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05afbee7b4263debad8d14f0561fc504bbbe72f3ec94db0f4862184c6bf7b467

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: B.CcmElMEkigZNLSR25YyFMppGqP.Kq4
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:20 GMT
x-amz-request-id: 29MKAVSJKAFKB2Q4
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 49728
x-amz-id-2: isUHUGUdlGpyPrvblMs58W/1G0Y/mLCYEMHSqlRktUbKYd4nhYU81mfEgJx2tFdMdGEWt7dJ4XM=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:08:19 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169140.134767,VS0,VE218
etag: "d9568b90a5b926a707848be6a7dc7a5d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 79
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1164ms
545ms Script
text/javascript 54.150.78.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.78.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-78-24.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7580769c2e7a0b58d59bcc88ad94ec4baaf22e55156ab7ed774f936f7006470e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 194ms
71ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:20 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1691169140.cdn4-pxy206-mad02.ma1.evs,1691169140.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET
H2 200 impl.20230802-16-RELEASE.js Show response
cdn.taboola.com/libtrc/ 792 KB
164 KB 39ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: be1e74c1b5359991d1809967d6a3bddaed43055482e5e42b4c0cf324177dcf3c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: B8xxB0GScEP_RQvy7Qheco1XNO8C16fh
content-encoding: br
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:20 GMT
x-amz-request-id: 99Q280JM7GM9CHF9
age: 18375
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167712
x-amz-id-2: ++X/oq15QgAceArVCgEXr+lWtB7nfpQt3W8hnUz7+z1maG/RrHb74IY3IDtci0NnO23FtqPSRQQ=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 12:04:43 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169141.528706,VS0,VE0
etag: "9bd2884e43a521953c7e23ef55609cae"
vary: Accept-Encoding
content-type: application/javascript
abp: 21
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 17947

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 78ms
77ms Image
image/jpeg 193.108.153.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1691169140570
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-15.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 04 Aug 2023 17:12:20 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Fri, 04 Aug 2023 18:12:20 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 64ms
63ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:20 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1691169140.cdn4-pxy206-mad02.ma1.evs,1691169140.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 221ms
75ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 272953
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 74 KB
18 KB 485ms
479ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A12%3A20.688&lti=deflated&data=%7B%22id%22%3A942%2C%22ii%22%3A%22%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690996095317%2C%22vi%22%3A1691169140683%2C%22cv%22%3A%2220230802-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%22%2C%22vpi%22%3A%22%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3216%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A802%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e14941f98b09b1dd6d67f0ac493b1b4d8720ed099108c25e9c1b30035960deae

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 440
date: Fri, 04 Aug 2023 17:12:21 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 97923
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490030-LIS
server: nginx
x-timer: S1691169141.715649,VS0,VE440
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET 5669015b76def1486dc55f73fd09cc39.jpg
static.bg3.co/imgs/202106/ 0
0

GET a8795b1c8283c2da1092400c03132974.jpg
static.bg3.co/imgs/202106/ 0
0

GET 47b4785ae5dbe1376c6a981fcc912b64.jpg
static.bg3.co/imgs/202106/ 0
0

GET ef1e9d8df305b9d731fbaee4f616a438.jpg
static.bg3.co/imgs/202106/ 0
0

GET 31dc01deace2fb573ab131da79e03c54.jpg
static.bg3.co/imgs/202105/ 0
0

GET 496d9e83d8cded4e0d542712b842c788.jpg
static.bg3.co/imgs/202112/ 0
0

GET c13d6d48566c6add80fe31c36f1d57bd.jpg
static.bg3.co/imgs/202105/ 0
0

GET febfe917bcfddf1bfd00eae2c282eeef.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8c7255c634d9706af2960a7a8a423145.jpg
static.bg3.co/imgs/202105/ 0
0

GET bac3e767d003da913c2194edee25444a.jpg
static.bg3.co/imgs/202105/ 0
0

GET b1ae3f444005a5551ed1410ecaa0c87c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 5555b9c0911ca799cad33952c927d69b.jpg
static.bg3.co/imgs/202107/ 0
0

GET 3f2377716ed3270df7cba415da9fe4be.jpg
static.bg3.co/imgs/202106/ 0
0

GET d5707bbc4f730360f8335d105af04f8c.jpg
static.bg3.co/imgs/202106/ 0
0

GET 348af84b9f7ae106950a40b9a84b4b32.jpg
static.bg3.co/imgs/202106/ 0
0

GET 0ff086c6ade89dda63ceb44011b3eeb2.jpg
static.bg3.co/imgs/202106/ 0
0

GET 1bb92eeebc023890f265970983bb45d8.jpg
static.bg3.co/imgs/202106/ 0
0

GET d340763b00b3097579ffe124b8f07c4c.jpg
static.bg3.co/imgs/202106/ 0
0

GET 61e6825057e9657f6df9f8c047bc1071.jpg
static.bg3.co/imgs/202106/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 8 KB
3 KB 282ms
130ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

7aabf43feb1a7fc3ab72a0e668ed7a2270a372e6302e3d9c597276da6688b669

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:48 GMT
age: 248133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3024
x-xss-protection: 0
server: sffe
etag: "d7a7f0b16a50c91a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:48 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 82 KB
23 KB 221ms
76ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

3973cb55df9a5b6cb4455c50724a1bd7085b4ef8b1006996def9d92436c4e732

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 248135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23146
x-xss-protection: 0
server: sffe
etag: "1ad3966f9ca1cb05"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 2 KB
783 B 275ms
108ms Fetch
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ff5db27b3460f352d33d9dd07e320c709bf39c0fc3f68b83b7fa2c8ad44c6565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 435
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 13 KB
4 KB 270ms
129ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

120d6f4483a00a7bccde9737c262e1085fb41e91ac401ec44ec4faf16ecceab6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:48 GMT
age: 248133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4005
x-xss-protection: 0
server: sffe
etag: "3d50c9c2d991323a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:48 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 259ms
94ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 04 Aug 2023 17:12:21 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691169140972_389467673_42894262_53_855_35_0_146";dur=1
content-length: 122286
expires: Sat, 03 Aug 2024 17:12:21 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
559 B 190ms
94ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 04 Aug 2023 17:12:21 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691169141066_389467673_42894263_35_846_35_0_146";dur=1
content-length: 211
expires: Sat, 03 Aug 2024 17:12:21 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 329ms
234ms Script
application/javascript 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 04 Aug 2023 17:12:21 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1691169141066_389467673_42894264_286_785_35_0_146";dur=1
content-length: 18371
expires: Fri, 04 Aug 2023 18:12:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 1586ms
211ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c09affbaef88c48f2f3b81d4fa484dafd1eead6f338f46b2628efd33f9b935ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28025
x-xss-protection: 0
server: cafe
etag: 793 / 19573 / m202308010101 / config-hash: 3022073710135274902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:22 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 268ms
79ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTExNjkxNDA5MjYsInBhY2tldElkIjoiMDAwMEE3MDEtZGIxMjIyM2QtMzNjZi00MTA0LThkNWEtZGMxZTcxNWZlMjk5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2R1YW4td3UtcXVhbi10YWktYmlhby1nYW8td2VuLXpob25nLXlpLXNoaS1qaWFvLXppLXpoaS1sdW8tc2hlbi13dS1tZWktemhpLWZhbmctd2VuLWJhby5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJQVCJ9&c_b=2674.7000007629395
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:21 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 268ms
80ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:21 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 324ms
129ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

6bf122b7054e352794e08cd127c0c3fe32ecc2a258bde31001745898fbef7cce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R-74JNgB_aLEx23HaMBw9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-R-74JNgB_aLEx23HaMBw9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
619 B 61ms
58ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3433
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4y2R4F0Kic4vQNG43uPJQQ0VtB8mbLc4owOmb95%2FP55irBYa9jn%2Fxx2Q7hGzCeyRtEWDuUCbawO1xG%2BLi11bnLGP%2B%2FvnHONuGrlcRxpULK2goqkm9jNOY2GPOikvXkNOZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f186cbb18af3849-MAD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 899ms
149ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 513ccfc5bf57f682dc2c37e4efa4b93a26a41301f3232fba6f81d130e75893a0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:21 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 2444ms
142ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 513ccfc5bf57f682dc2c37e4efa4b93a26a41301f3232fba6f81d130e75893a0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 802ms
215ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8295397542505938&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:21 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 3486ms
182ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.1059710578612032&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:24 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 280ms
82ms Script
application/javascript 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:21 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 11 Aug 2023 17:12:21 GMT

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 40 KB
10 KB 105ms
104ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

813259c2c1f1d3b42d9a6749d793fcc4d9cdf352160fb907c41a0e71c2de0b9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 248135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10409
x-xss-protection: 0
server: sffe
etag: "1f8c29a54f975295"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 518ms
78ms Script
text/javascript 23.53.42.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Fri, 04 Aug 2023 17:12:21 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 1177ms
751ms Script
text/plain 108.138.7.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MTE2OTE0MF8xXzdiNzBhOGIwMGQ0Zg%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-45.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 17:12:22 GMT
Via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: 7POvLwzDB8EnDvkV61u0bK6s4wmTtXGjHE7V7tRHC029UImZlY-Opw==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 floating-unit.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 52ms
38ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0aa1a7f676b23d03e0df14306ac0cf191b16fe6eb240c81ee615ed7064572b1b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OmZbzpEJTo7XFDCXDLrj.ANHHsuYACjZ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: 6TYE6JP9QHS9MC5S
age: 172935
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: aheuFaOfaMruN9g/g0EAfIaPoJ/Z0f1OmChgFE+9r3To3W8sfvyrcNZt1ieOgyTYIueNEPvVGYI=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:10:06 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169141.331908,VS0,VE0
etag: "519d76086d8ffa72804c44c8e1faa8e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 22599

GET
H2 200 taboola-vignette-new-scanning.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 48ms
41ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ecae130ef7b35b2a5cd4dba747c7aa83265177bff7516e886f830f3fdd19048

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0IYAengg6EKLz0S33c86FT1laohTQBbK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: E5SCR2X7TVHJN1XK
age: 172916
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8020
x-amz-id-2: UPvvabEn5DoJ1/IijvUr7yF19c+n0DIvT+B+oV95aq8Fdkev7forb9v7pKiNMoMDMPDNEJfxlDQ=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:10:25 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169141.332922,VS0,VE0
etag: "02d672c8d7dc0c66b5c30b6cad88a449"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 23
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 17945

GET
H2 200 distance-from-article.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 44ms
43ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96d79bc76089c234d4f0c629880ed645c629c4333475512373b0bf28b8006d88

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZAXTmSLzho47ve7epiJxohAxdcxPuaGr
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: RSERA19PFBBH5DFV
age: 172946
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: tfoZxVpwaOLh36XjcssHkAIwBENmIBLpbksDULV7aEpmllOgEC6itPnNCwtFf9+XOumurybypsk=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:09:56 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169141.412157,VS0,VE0
etag: "8da06794745c3ab33cc7a77b80e7c674"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 57
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 112570

GET
H2 200 article-detection.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 49ms
49ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 157b8bb7984f0dd91daaa945a1d12bdaf6046c8e8bf13c490ccf0b73142e533a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: O70RMgZAkH02cIYIgJ2_alINyWjBR8NM
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: G2Z8DQZP83DCKM56
age: 172953
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1271
x-amz-id-2: qHRXiUzKt+gcOD/0lxWYjHCvbOBHhm/BOeUdHhUD4Cj8G2hQCZh3HZGnfaKUGuQ90JxXV+q4vvg=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:09:49 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169141.412154,VS0,VE0
etag: "d28dd715b07bcf0b608e18615eb0c0a0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 112578

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.8/ 123 KB
35 KB 45ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a6bceccdad3831c446c41d3f3eccf4753b5646b9205cda82960bb4dcd2249a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 60d5d039ddd1dfa7f8fb545bcd965e3a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 201918
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35439
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 09:05:47 GMT
server: AmazonS3
x-timer: S1691169141.425321,VS0,VE0
etag: "d79f8f745c3d1249268e49970ed0fc7f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: q4JJzOTl7HGkaWAXATt-Eba-nc3Q-Y1cg8Dvdj9l8__M7sFmkbM74A==
x-cache-hits: 5112

GET
H2 200 feed-card-placeholder.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 42ms
41ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 483c9a1ce13fa92848c0ab2a36a6945db7e76a382350ac50ceedd15f72664b93

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4wFlsSKqYEe4PA9qAUj28jU9WXoLHCRP
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: B9MXW42G45YGH0RE
age: 172940
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: r+15g+ev6RDaf6iA41V1JqD91cd7DAS2FLo3WbKIRrmoVx66ctRU6oepEWIbCGMsxDHWNk/qaPU=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:10:01 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169141.435469,VS0,VE0
etag: "609b064d1452cc9df22381e5cb30c0cc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 81
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 84519

GET
H2 200 userx.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 40ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27df41a622e2878aa94077bc3feacce6960f86d938d28032b33482c6964effea

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wl.Gjyw0zdwoHDMPybGtlSC3SX4EYkcB
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: R29B3ZBTQYDV7GP6
age: 172913
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: avxqOZv8yiuWNwvu0KV0p6c6e4OXGeoK7F1dHBcgO5TaBAgyNf4xHhG5KDQU5BeEK4fFHHY8OXk=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:10:28 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169141.447205,VS0,VE0
etag: "8fcddfffbae4f07cb599ed2990b3dfc6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 17243

GET
H2 200 explore-more.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 69ms
69ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a76fd1ee7cb0f61c064d0021a2557e94e1640e7d364be1dea867d47bb86b2497

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Qy8VBjqimOgz.xMK.tc3bxvu76j93MG5
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: P2MGD073GNQ18NSA
age: 172942
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8804
x-amz-id-2: 6rPOrEza9/K3zCeSGSf7Oy8tV1TCkG/j+S9ev1U2NEgwgJ5HZ4GeGSgss+XlEaf4lpGUEy0v8Iw=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:09:59 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169142.529073,VS0,VE0
etag: "4fc5ed82b9a6c7bb1e0244bad1170c7d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 49561

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 590ms
278ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=17%3A12%3A21.296&id=5938&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 595ms
284ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1691169141305%7D&tim=17%3A12%3A21.305&id=4848&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

B30394074.372774406;dc_pre=CPP5lYDAw4ADFYPhuwgdlcQCig;dc_trk_aid=563784313;dc_trk_cid=196124228;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1026622.2069703TABOOLA/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1026622.2069703TABOOLA/B30394074.372774406;dc_trk_aid=563784313;dc_trk_cid=196124228;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/trackimp/N1026622.2069703TABOOLA/B30394074.372774406;dc_pre=CPP5lYDAw4ADFYPhuwgdlcQCig;dc_trk_aid=563784313;dc_trk_cid=196124228;ord=[timestamp];dc_lat=;dc_rdid=;tag_...

42 B
220 B

92ms
91ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1026622.2069703TABOOLA/B30394074.372774406;dc_pre=CPP5lYDAw4ADFYPhuwgdlcQCig;dc_trk_aid=563784313;dc_trk_cid=196124228;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=bg3.co

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html

Protocol

Server

142.250.186.166 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1026622.2069703TABOOLA/B30394074.372774406;dc_pre=CPP5lYDAw4ADFYPhuwgdlcQCig;dc_trk_aid=563784313;dc_trk_cid=196124228;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=bg3.co
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 585ms
280ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1691169141338%7D&tim=17%3A12%3A21.338&id=4531&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 590ms
286ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A12%3A21.486&id=5088&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 63ms
63ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: 059ZEMN3RJ2RVDH8
age: 35
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uqp3/so7O5QYv3FWcpwAOgju02flQmqVEsjYqRmHIJMcvUuXH0zuWlPp4rIZfSi9EKtGo6/hebw=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169142.604568,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 35
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 9

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 213 KB
56 KB 75ms
75ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

7aeb79f60a16395b0f980556f6421e611710f447efd99ad7072d88eb4cb5f94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:17:37 GMT
age: 248084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57602
x-xss-protection: 0
server: sffe
etag: "fbb020b0835c67fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:17:37 GMT

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 20 KB
7 KB 625ms
624ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A12%3A21.635&route=AM:IL:V&lti=deflated&data=%7B%22id%22%3A379%2C%22ii%22%3A%22%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA%22%2C%22ui%22%3A%2226c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4%22%2C%22uifp%22%3A%2226c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4%22%2C%22lbt%22%3A1690996095317%2C%22vi%22%3A1691169140683%2C%22cv%22%3A%2220230802-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%22%2C%22vpi%22%3A%22%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4339%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A802%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6e8e4c536dfe7cf4bd670b8f3116ca672fe9be099bff54e5dadbb5414f777da

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 544
date: Fri, 04 Aug 2023 17:12:22 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 98454
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490030-LIS
server: nginx
x-timer: S1691169142.659374,VS0,VE544
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 5555dd5a250e43723cc5329af7c637c6.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_737%2Cx_131%2Cy_24/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
13 KB 44ms
42ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_737%2Cx_131%2Cy_24/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5555dd5a250e43723cc5329af7c637c6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 034962ddeae5ea3ed4a6fa71d447fd8d7930932b4d261adc6bebe0684de50d5a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_737%2Cx_131%2Cy_24/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5555dd5a250e43723cc5329af7c637c6.jpg
age: 195851
edge-cache-tag: 436296804240341160238374047829443862039,592576083241241173659716321987477845809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436296804240341160238374047829443862039,592576083241241173659716321987477845809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 410
req-referer: https://ads.taboola.com/
content-length: 13054
x-request-id: f83c6da6b841199d9962e33720b0fb70
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000070-IAD, cache-iad-kcgs7200053-IAD, cache-lga21940-LGA, cache-iad-kjyo7100126-IAD, cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 10:48:00 GMT
server: nginx
x-timer: S1691169142.684519,VS0,VE0
etag: "68e25b27515ac6d7d10a39e23051a30d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 5301

GET
H2 200 5555dd5a250e43723cc5329af7c637c6.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_992%2Cx_4%2Cy_52/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 40ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_992%2Cx_4%2Cy_52/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5555dd5a250e43723cc5329af7c637c6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b35f26590a665d1dc3c5e292024c7b6a440412047d107beb279e0f47a72ba9e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_992%2Cx_4%2Cy_52/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5555dd5a250e43723cc5329af7c637c6.jpg
age: 195849
edge-cache-tag: 436296804240341160238374047829443862039,538986980445649153262725520924149766053,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436296804240341160238374047829443862039,538986980445649153262725520924149766053,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 475
req-referer: https://ads.taboola.com/
content-length: 13402
x-request-id: 343ca051a8466a8c6a4c7122ec628b36
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100179-IAD, cache-iad-kjyo7100136-IAD, cache-lax10647-LGB, cache-iad-kjyo7100159-IAD, cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 10:48:00 GMT
server: nginx
x-timer: S1691169142.684388,VS0,VE0
etag: "355b05afd858e0ec65364018db2244ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1817

GET
H2 200 6a0bf873365825a7f8cd88562523439a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 43ms
43ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a0bf873365825a7f8cd88562523439a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af30b70f76e35c1125a616c9bc21c4d072445c4400ce5ebf32a0a986a1a85105

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a0bf873365825a7f8cd88562523439a.png
age: 1655570
edge-cache-tag: 428802058222425285953010470555338494602,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 428802058222425285953010470555338494602,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 163
expiration: expiry-date="Sun, 23 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://jovempan.com.br/
content-length: 37790
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000130-IAD, cache-iad-kjyo7100112-IAD, cache-lga21947-LGA, cache-iad-kcgs7200034-IAD, cache-lis1490030-LIS
last-modified: Thu, 22 Jun 2023 04:40:21 GMT
server: nginx
x-timer: S1691169142.727756,VS0,VE0
etag: "a53d066b9e0325b910cb2366f590cf8b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 49, 3

GET
H2 200 plastic-containers.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/10/14144452/ 16 KB
17 KB 45ms
45ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/10/14144452/plastic-containers.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5aad0b244a5dd756f46d9592b6fa0447daeb76ff356598313ac16d0c09e2073

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/10/14144452/plastic-containers.jpg
age: 1863404
edge-cache-tag: 416672402079168185432851039872062745535,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 416672402079168185432851039872062745535,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 120
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://programmetv.ouest-france.fr/
content-length: 16332
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200100-IAD, cache-chi-klot8100087-CHI, cache-iad-kjyo7100031-IAD, cache-lis1490030-LIS
last-modified: Tue, 13 Jun 2023 22:23:19 GMT
server: nginx
x-timer: S1691169142.728769,VS0,VE1
etag: "e327947d1d080ef7421a7d7ebc5986b8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 3, 1

GET
H2 200 f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 46 KB
47 KB 54ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e6bd9cf799ddb4e4867ebbd8eda5ebb6de73f8a2adb0e7f01e238cd4e566cfd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
age: 1466839
edge-cache-tag: 551899590818595054600822573868099260938,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551899590818595054600822573868099260938,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 104
req-referer: https://www.funco.biz/
content-length: 47410
x-request-id: a3b3bfaebf707f591e391afb3cbdb8ec
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kcgs7200030-IAD, cache-sna10726-LGB, cache-iad-kjyo7100100-IAD, cache-lis1490030-LIS
last-modified: Tue, 18 Jul 2023 15:06:49 GMT
server: nginx
x-timer: S1691169142.758679,VS0,VE1
etag: "9b3a046ea2b85286e46798e36a383a84"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 13, 1

GET
H2 200 grind-teeth.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/ 4 KB
5 KB 135ms
134ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/grind-teeth.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 923a7b663f0ae75798ba3f713e3f828f1345d152aeb27931de3547d6764639cf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/06/grind-teeth.jpeg
age: 534566
edge-cache-tag: 462450983672836155812358273886593476373,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 462450983672836155812358273886593476373,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 63
req-referer: https://www.conselhosetruques.com/
content-length: 4270
x-request-id: 8e1e30712a3e87862845c2b68c379ec5
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200104-IAD, cache-iad-kiad7000131-IAD, cache-sna10729-LGB, cache-iad-kcgs7200059-IAD, cache-lis1490030-LIS
last-modified: Fri, 30 Jun 2023 09:00:17 GMT
server: nginx
x-timer: S1691169142.774073,VS0,VE90
etag: "c3f5489efa797861b3742ba86c35384e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 0

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 46ms
45ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a483647e3045f6f8835b3cba32fde7c4a51d45be87661f5b74a0a4277e6af7fb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 2765264
edge-cache-tag: 629278368362485812204278233016319296852,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 439
req-referer: https://d-2750774482671106744.ampproject.net/
content-length: 17684
x-request-id: c7885c8b973adb1f4fb7de129d9e62d5
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000028-IAD, cache-iad-kjyo7100178-IAD, cache-sna10751-LGB, cache-iad-kiad7000129-IAD, cache-lis1490030-LIS
last-modified: Fri, 23 Jun 2023 03:33:32 GMT
server: nginx
x-timer: S1691169142.777885,VS0,VE1
etag: "016e285c68605761da7c71cc21e6ef69"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5914, 1

GET
H2 200 5555dd5a250e43723cc5329af7c637c6.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_989%2Cx_6%2Cy_22/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 55ms
53ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_989%2Cx_6%2Cy_22/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5555dd5a250e43723cc5329af7c637c6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 09a4ef2558984df29baac1e2acc4457e97bc009720d358dc286b1378a0b974d4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_989%2Cx_6%2Cy_22/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5555dd5a250e43723cc5329af7c637c6.jpg
age: 195909
edge-cache-tag: 436296804240341160238374047829443862039,575679702062454802972305520094483230049,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436296804240341160238374047829443862039,575679702062454802972305520094483230049,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 1031
req-referer: https://ads.taboola.com/
content-length: 14660
x-request-id: afcb25a5e2ca5c50647da8738b096958
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000109-IAD, cache-iad-kiad7000079-IAD, cache-sna10727-LGB, cache-iad-kiad7000048-IAD, cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 10:34:22 GMT
server: nginx
x-timer: S1691169142.812141,VS0,VE0
etag: "30e284b0049a5a86c0b25d24a798936e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 19896

GET
H2 200 f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 54 KB
55 KB 50ms
50ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a4d717e4a3db30d082da88e16c3e4a17f62f27efcd2a23d1a4e36de8011981dc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
age: 293961
edge-cache-tag: 551899590818595054600822573868099260938,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551899590818595054600822573868099260938,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 348
expiration: expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://ballercap.com/
content-length: 55420
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000027-IAD, cache-iad-kiad7000027-IAD, cache-lga21929-LGA, cache-iad-kcgs7200063-IAD, cache-lis1490030-LIS
last-modified: Tue, 18 Jul 2023 15:06:50 GMT
server: nginx
x-timer: S1691169142.824984,VS0,VE0
etag: "309cb0f33421d6166bbfa50c84cf557f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 1, 3

GET
H2 200 6a0bf873365825a7f8cd88562523439a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 126 KB
127 KB 58ms
58ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a0bf873365825a7f8cd88562523439a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd2454c341f99f870bd9592ee154317e58041608f22d17f0eec37b0e79df4237

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a0bf873365825a7f8cd88562523439a.png
age: 1655569
edge-cache-tag: 428802058222425285953010470555338494602,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 428802058222425285953010470555338494602,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 374
expiration: expiry-date="Sun, 23 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://noticias.r7.com/brasilia/cidade-alerta-df/videos/policial-militar-do-df-e-condenado-a-12-anos-por-estupro-coletivo-14072023?utm_source=taboola
content-length: 128794
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000130-IAD, cache-iad-kjyo7100112-IAD, cache-sna10724-LGB, cache-iad-kjyo7100096-IAD, cache-lis1490030-LIS
last-modified: Thu, 22 Jun 2023 04:40:21 GMT
server: nginx
x-timer: S1691169142.872919,VS0,VE1
etag: "a53d066b9e0325b910cb2366f590cf8b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 7, 1

GET
H2 200 plastic-containers.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/10/14144452/ 35 KB
35 KB 96ms
94ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/10/14144452/plastic-containers.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d69abf812ddb98efedf66c8e74622ccdf1e86e89be2c6f0fe695afa7d83d182b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:21 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/10/14144452/plastic-containers.jpg
age: 1863404
edge-cache-tag: 416672402079168185432851039872062745535,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 416672402079168185432851039872062745535,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 1066
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://receitatodahora.com.br/como-limpar-panela-queimada-sem-fazer-esforco-usando-apenas-1-ingrediente/
content-length: 35376
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200100-IAD, cache-sna10750-LGB, cache-iad-kcgs7200067-IAD, cache-lis1490030-LIS
last-modified: Tue, 13 Jun 2023 22:23:19 GMT
server: nginx
x-timer: S1691169142.883396,VS0,VE1
etag: "e327947d1d080ef7421a7d7ebc5986b8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 1

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 258ms
194ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.491&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=1085&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=1&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 259ms
194ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.494&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=4782&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=2&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 259ms
195ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.525&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=5170&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=3&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 260ms
195ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.531&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8441&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=4&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 260ms
196ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.542&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9904&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=5&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 261ms
197ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.640&type=usage&msg=New_CTA-event-1691169141640&llvl=2&id=5519&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=6&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~ypfYE0j0qWiVm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 261ms
198ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.640&type=usage&msg=New_CTA-event-1691169141640&llvl=2&id=6392&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=7&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-item_branding_before_title%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~ypfYE0j0qWiVm%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 262ms
198ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.647&type=usage&msg=New_CTA-event-1691169141647&llvl=2&id=6536&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=8&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~MzBekeY3HPASW%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 262ms
199ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.647&type=usage&msg=New_CTA-event-1691169141647&llvl=2&id=4737&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=9&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~MzBekeY3HPASW%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 262ms
199ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.653&type=usage&msg=New_CTA-event-1691169141653&llvl=2&id=1339&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=10&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-4467127564505210298~~qxxaHdFowQPS%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 263ms
200ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.653&type=usage&msg=New_CTA-event-1691169141653&llvl=2&id=838&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=11&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-4467127564505210298~~qxxaHdFowQPS%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 287ms
224ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.655&type=usage&msg=New_CTA-event-1691169141655&llvl=2&id=549&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=12&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~7N7R7ftkWU_wK%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81723

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 288ms
225ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.655&type=usage&msg=New_CTA-event-1691169141655&llvl=2&id=4599&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=13&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~7N7R7ftkWU_wK%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81723

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 289ms
226ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.684&type=usage&msg=New_CTA-event-1691169141684&llvl=2&id=2079&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=14&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-visible%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~MzBekeY3HPASW%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81723

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 168C 495 B
664 B 1030ms
290ms Document
text/html 52.193.39.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.39.238 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-39-238.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 04 Aug 2023 17:12:22 GMT
etag: "64cc429d-1ef"
last-modified: Fri, 04 Aug 2023 00:13:17 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2D02
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

1695ms
78ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Aug 2023 17:12:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 04 Aug 2023 17:12:22 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 1379ms
102ms Script
application/javascript 18.66.97.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:17:16 GMT
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: fxLovMb2GZBzQU95F4GUPDPrLSbz32X3me3n0i4wjSztunvzRLItVA==

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 110 KB
31 KB 92ms
91ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

195251f734458153a0d5d070fc3439725d825ecea5bf2d10e2200f54072c36ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 248135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32170
x-xss-protection: 0
server: sffe
etag: "363d8deba5bba0d7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H2 200 nameframe.html
d-509506171156017602.ampproject.net/2307212240000/ 0
0 572ms
81ms Other
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-509506171156017602.ampproject.net/2307212240000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 next-up-widget.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 59ms
59ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cba353b989f22df27f12a51ac2c35ef7f827f7f49ceb136c67e4ecb4bde51fb2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Xx7dTOvM3Bm3LcuBYEF8QClHLnSEqMz5
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: PKZY7V9XCS4WRNP1
age: 172933
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: GHikoaghg0PjOglzVv+Lx+mnGuUDYyTeGoOaWxCJVmqNkPQN+Bi6/htVNLW1q6/G1oMUCI+u4aE=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:10:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169142.860871,VS0,VE0
etag: "8ab2f7201056099b4b138c43c3316cea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 22413

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 304ms
250ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1915%7D%22%2C%22eventTime%22%3A1691169141826%7D&tim=17%3A12%3A21.826&id=60&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 303ms
248ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A12%3A21.855&id=4505&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 259ms
193ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A21.889&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7878&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=15&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 78004

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 1357ms
107ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 17:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 16:12:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 17:12:23 GMT

GET
H2 200 spa-detector.20230802-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 229ms
200ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230802-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c4244b644065bcbd991b01a28f1225268d7d04877da99f2e22d166f754fea4d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gA1zFMBMezkpuJOETiwMtQPUae1MXfV4
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:21 GMT
x-amz-request-id: D0B5Z77020JZC6CY
age: 172926
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 810
x-amz-id-2: trhHSoOP3q1JQuiCYTBdzAh1KsnmMCsViMC2XCQRaejx2SC2UV+1MiHAJFYi/LvSb37EAZZ9TRE=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 17:10:16 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691169142.979878,VS0,VE0
etag: "ef0a4512b60f189501c5e7f120cc550f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 50895

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 277ms
249ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A12%3A21.924&id=8040&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 275ms
247ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1691169141926%7D&tim=17%3A12%3A21.926&id=8028&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 277ms
249ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A12%3A21.928&id=1370&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 275ms
248ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=e35308670716ed34bf1a4febc17841d8&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169140_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1691169141931%7D&tim=17%3A12%3A21.931&id=2032&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 103ms
96ms Script
application/javascript 23.53.42.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Fri, 04 Aug 2023 17:12:21 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A88D 92 KB
32 KB 410ms
210ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

693cbe4a82f4d6e12b706886d70d2314ce00e33fa806ae0ad13f91979359aaf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32859
x-xss-protection: 0
server: cafe
etag: 13821705133660924756
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:22 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame FF07 714 B
772 B 94ms
92ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 13005
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f186cc1687286c9-MAD
content-encoding: br
content-type: text/html
date: Fri, 04 Aug 2023 17:12:22 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QngrMNTTALcxNGB%2FRyS32SvYu%2F9Lsu2Z4hugnwWu6yqc1CIcEFH7PIzd5W6%2F58MAfoJKNkATefXfkRr5Q16FO%2Bit9rJApAoOKcZsg1nwVdV%2BOt05fN8ahnE6BoN8ptuVqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A773
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

1591ms
124ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Aug 2023 17:12:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 04 Aug 2023 17:12:22 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 6527ms
137ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:28 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 136ms
122ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.067&type=usage&msg=New_CTA-event-1691169142067&llvl=2&id=7517&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=16&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~FxxZ3LPRkp2_f%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81723

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 137ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.068&type=usage&msg=New_CTA-event-1691169142068&llvl=2&id=4704&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=17&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~FxxZ3LPRkp2_f%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81723

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/ 2 KB
886 B 102ms
91ms Fetch
application/json 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:43 GMT
age: 248139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "04ae58ebce20b996"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:43 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 583ms
111ms Fetch
application/json 172.64.165.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.165.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29839
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 04 Aug 2023 08:55:03 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOmIlP%2F0u3NJzjqv6M5JOA2fqcyhzZ2VwTqUH5PdbTJcqFMhlL2eRloH0ceXteDdsymklGScI1gdo2b4Uq465k07MnjLsrLOXDXPBZJQ3NAO6Tw5A3Oa4qU1%2B9joLcZ940Tw3Ypm1Rlv5WZvsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7f186cc50e311bb3-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/ 3 KB
956 B 104ms
92ms Fetch
application/json 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:43 GMT
age: 248139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "1e21a00c5f0706dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:43 GMT

GET
H2 200 5555dd5a250e43723cc5329af7c637c6.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_658%2Cx_171%2Cy_26/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
13 KB 130ms
123ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_658%2Cx_171%2Cy_26/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5555dd5a250e43723cc5329af7c637c6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 11d9c87ac54dd2f5e599d2fd5867c6584a87cfe6316cef2ab47e0b4f6692eca5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_658%2Cx_171%2Cy_26/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5555dd5a250e43723cc5329af7c637c6.jpg
age: 195850
edge-cache-tag: 436296804240341160238374047829443862039,620212713610274980330158781141947651830,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436296804240341160238374047829443862039,620212713610274980330158781141947651830,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 404
req-referer: https://ads.taboola.com/
content-length: 12812
x-request-id: ecbf728e64479a9e68922a969677c577
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000173-IAD, cache-iad-kjyo7100158-IAD, cache-sna10746-LGB, cache-iad-kjyo7100028-IAD, cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 10:48:00 GMT
server: nginx
x-timer: S1691169142.123191,VS0,VE0
etag: "ee784882b64149f088dc37c555b6ed30"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 4710

GET
H2 200 f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 6 KB
7 KB 65ms
58ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78637d8a0d7809148efe84bbe2ba7bb712860fe6f5eeba55e0e442c220dc8841

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
age: 1470875
edge-cache-tag: 551899590818595054600822573868099260938,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551899590818595054600822573868099260938,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 487
req-referer: https://blogdonc.com/
content-length: 6096
x-request-id: 38767632f622efa0f643a10abea6b938
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100122-IAD, cache-iad-kiad7000068-IAD, cache-sna10751-LGB, cache-iad-kjyo7100145-IAD, cache-lis1490030-LIS
last-modified: Tue, 18 Jul 2023 15:06:49 GMT
server: nginx
x-timer: S1691169142.187048,VS0,VE0
etag: "231a49a7481fdc5ad8a53a1cbd6d755c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

GET
H2 200 6a0bf873365825a7f8cd88562523439a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 67ms
59ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a0bf873365825a7f8cd88562523439a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30b91fe0ebe640f65543279d5d1b5101b1eac5e1a1ee8f1fc667a9fe883c99e3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a0bf873365825a7f8cd88562523439a.png
age: 3832196
edge-cache-tag: 428802058222425285953010470555338494602,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 428802058222425285953010470555338494602,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 777
req-referer: https://ittiloot.com/all/tadzhikistan/50116-gorjachaja-nedelja-v-tadzhikistan-pridet-anomalnaja-zhara.html
content-length: 12414
x-request-id: d735a9221307b96127ddfa13fa6c9b4e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200119-IAD, cache-iad-kiad7000162-IAD, cache-sna10725-LGB, cache-iad-kjyo7100174-IAD, cache-lis1490030-LIS
last-modified: Thu, 15 Jun 2023 13:16:20 GMT
server: nginx
x-timer: S1691169142.187045,VS0,VE1
etag: "d73491d90fdb41d422be546401b118f5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 30, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FF07 80 KB
28 KB 399ms
194ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3bcc3df6ece99347a638e512781664246627b2d45577c690d36edb4d086ada41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27679
x-xss-protection: 0
server: cafe
etag: 375 / 19573 / m202308010101 / config-hash: 3022073710135274902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:22 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 640ms
334ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H70RJDCE0NAD6XREF7ZH5WDR
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 st Show response
imprammp.taboola.com/ Frame A1FD 439 B
339 B 156ms
83ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&cmcv=&pix=undefined&cb=1691169142225&uv=3313&tms=1691169142225&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2061368-9154-4088-9f19-a5a318de6ee5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 380ec1ac30521052c2a7710df0aa8aabd7aa22698c10e95f90cbcb08747523dc

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 04 Aug 2023 17:12:22 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490030-LIS
x-timer: S1691169142.329777,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6BDE 577 B
663 B 3621ms
122ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4c46f93412d048468845a6eb11c9f23c40f44a8ff55126d664cfc16d6d24461a

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 04 Aug 2023 17:12:25 GMT
machineid: 3401
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
673 B 175ms
119ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691169142246&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1537&pt=614113391&tz=0&viewable=true&ddast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8dc6aa216221bd58ce414a8529de0b8786f35903fbdb3c266f605c9f7b625029

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 04 Aug 2023 17:12:22 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1477
x-cache: MISS
x-served-by: cache-lis1490030-LIS
pragma: no-cache
server: nginx
x-timer: S1691169142.329882,VS0,VE81
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 3616ms
124ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&cmcv=&pix=31589837&cb=1691169142224&uv=3313&tms=1691169142224&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1691169138252.9!ts:1691169142224&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
content-length: 0
server: nginx

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 1541ms
90ms Fetch
application/json 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 345ms
263ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.365&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=9930&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=18&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 262ms
231ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.530&type=usage&msg=New_CTA-event-1691169142530&llvl=2&id=950&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=19&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-1759802803310014691~~dZBVjDJGgPt7%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 249ms
232ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.531&type=usage&msg=New_CTA-event-1691169142530&llvl=2&id=4819&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=20&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-1759802803310014691~~dZBVjDJGgPt7%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 243ms
233ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.551&type=usage&msg=New_CTA-event-1691169142551&llvl=2&id=3438&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=21&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~4504988378040719468~~alFXN9Qmewzi3%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 243ms
234ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.552&type=usage&msg=New_CTA-event-1691169142552&llvl=2&id=4280&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=22&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~4504988378040719468~~alFXN9Qmewzi3%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 243ms
235ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.553&type=usage&msg=New_CTA-event-1691169142553&llvl=2&id=19&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=23&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~2610492907108992662~~_MvJfG55fLk8i%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 243ms
236ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.554&type=usage&msg=New_CTA-event-1691169142554&llvl=2&id=5722&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=24&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~2610492907108992662~~_MvJfG55fLk8i%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 240ms
237ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.558&type=usage&msg=New_CTA-event-1691169142558&llvl=2&id=4906&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=25&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-8986932063442230221~~XUX2gXASJcFj%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 233ms
233ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.565&type=usage&msg=New_CTA-event-1691169142565&llvl=2&id=9199&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=26&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-8986932063442230221~~XUX2gXASJcFj%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 88185

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 161ms
139ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.580&type=usage&msg=New_CTA-event-1691169142580&llvl=2&id=2881&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=27&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~6033849917226182036~~VDZ3Fyl4bqwq2%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81057

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 161ms
139ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A22.581&type=usage&msg=New_CTA-event-1691169142581&llvl=2&id=5116&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=28&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~6033849917226182036~~VDZ3Fyl4bqwq2%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81057

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A1FD 70 B
265 B 337ms
104ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&cmcv=&pix=undefined&cb=1691169142225&uv=3313&tms=1691169142225&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2061368-9154-4088-9f19-a5a318de6ee5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4
pr-bh.ybp.yahoo.com/sync/taboola/ Frame A1FD 43 B
426 B 519ms
268ms Image
image/gif 99.81.196.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&cmcv=&pix=undefined&cb=1691169142225&uv=3313&tms=1691169142225&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=e2061368-9154-4088-9f19-a5a318de6ee5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.196.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-196-90.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame A1FD 0
125 B 373ms
109ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_1_3/infra/ 889 KB
148 KB 242ms
65ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 597ed7e46060dfafc51820d3b64f2e8554748c50e6aac55629147577108d1e77

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690967435
date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: MYABEEEGFSRXFT8K
age: 201567
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690967435
x-amz-meta-mode: 33188
content-length: 150895
x-amz-id-2: HLln9rqCprHy4DoP12LoGzxXEzOsX+C7GHzmpvFVnRfC1INBJR6kFuXKoAV3btdrMDdef3vsQCg=
x-served-by: cache-lis1490048-LIS
last-modified: Wed, 02 Aug 2023 09:10:36 GMT
server: AmazonS3-br
x-timer: S1691169143.011765,VS0,VE0
etag: "e033ec33e5f5051bf3f914c984436aea"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 41201

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_1_3/assets/css/ 60 KB
8 KB 109ms
88ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690967454
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: MYA7T8R5PG6QGXR4
age: 201566
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690967455
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: tm58uSwySGKCfDMrjzC0rxgym7BKdiDJkBOy8wmUemRExi0whW7tvJb0rbfmx7M0AIn0Un/vO2s=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 09:10:56 GMT
server: AmazonS3-br
x-timer: S1691169143.836789,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 53518

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 160ms
140ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&lti=deflated&ri=9ce9d1403880d728079a2dd4056fc05a&sd=v2_9377e8e13f607c9ff123aa398a324a14_26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4_1691169140_1691169141_CNawjgYQ2YJdGMvfpIycMSABKAEwswE4hNQMQL7YDEjj7NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&pi=/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&wi=3921742525708703391&pt=text&vi=1691169140683&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1691169142596%7D&tim=17%3A12%3A22.596&id=3339&llvl=2&cv=20230802-16-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 57b2331cf397aab128bba18513f6facb.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 33 KB
34 KB 763ms
743ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57b2331cf397aab128bba18513f6facb.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87e3e0ccc48a8f7a610124ffa62b5dc594e72992ed47ea6aeb08abe023f840f7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57b2331cf397aab128bba18513f6facb.jpeg
age: 1020391
edge-cache-tag: 413971867929742934235750513891832890032,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413971867929742934235750513891832890032,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 261
expiration: expiry-date="Wed, 09 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.elmundo.es/elecciones/elecciones-generales/2023/05/30/6475e454fdddff948f8b45ac.html
content-length: 34082
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200026-IAD, cache-iad-kiad7000148-IAD, cache-lga21923-LGA, cache-iad-kiad7000130-IAD, cache-lis1490030-LIS
last-modified: Sun, 09 Jul 2023 21:47:59 GMT
server: nginx
x-timer: S1691169143.837298,VS0,VE1
etag: "c84046cfdb2c8f43eee1affcd60d46e4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 187dc81141d6a5010e3632fa0f5d55f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 95ms
90ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a714d7406f828cec4fec992c4c04936b38b69a21c812aff9ec9b17e9d8a9b37d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
age: 1133434
edge-cache-tag: 537301612142190935677161674973253473942,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537301612142190935677161674973253473942,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 245
expiration: expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.pianetamilan.it/news-milan/interviste/milan-furlani-pulisic-intervista-espn-ultime-news-oggi-26-07-2023/?intcmp=gazzanet-furlani
content-length: 19328
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200112-IAD, cache-iad-kjyo7100065-IAD, cache-lax10631-LGB, cache-iad-kcgs7200086-IAD, cache-lis1490030-LIS
last-modified: Thu, 20 Jul 2023 04:22:48 GMT
server: nginx
x-timer: S1691169143.837275,VS0,VE0
etag: "a7839fdfd501800f3b2f16c50d379f86"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 184, 15

GET
H2 200 c8d6b46cac1827bf1c3fa1bbbae8bda9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 100ms
94ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8d6b46cac1827bf1c3fa1bbbae8bda9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2f5920a47191f701209e680038156ba5e0c93641aa241e8b609ce461af6d5d3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c8d6b46cac1827bf1c3fa1bbbae8bda9.jpg
age: 1940558
edge-cache-tag: 541869804936699608738429300052685082393,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 541869804936699608738429300052685082393,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 260
expiration: expiry-date="Tue, 18 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.journal-news.com/
content-length: 18820
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000043-IAD, cache-iad-kiad7000166-IAD, cache-sna10749-LGB, cache-iad-kiad7000103-IAD, cache-lis1490030-LIS
last-modified: Sat, 17 Jun 2023 13:45:00 GMT
server: nginx
x-timer: S1691169143.837266,VS0,VE0
etag: "a31fbee905a72b3879dd9f2193257958"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 0, 2

GET
H2 200 a164f3be39fb930f540d9af643a79f36.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 121 KB
121 KB 95ms
90ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a164f3be39fb930f540d9af643a79f36.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 217147e67716b6d334a88a1d8455195b1d4c9c67fda345d243f840b5d92b1f6d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a164f3be39fb930f540d9af643a79f36.jpg
age: 4500297
edge-cache-tag: 407249482422712535455330988543402727466,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 407249482422712535455330988543402727466,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 353
expiration: expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abola.pt/
content-length: 123560
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200129-IAD, cache-iad-kcgs7200130-IAD, cache-lax10634-LGB, cache-iad-kiad7000151-IAD, cache-lis1490030-LIS
last-modified: Mon, 12 Jun 2023 15:25:01 GMT
server: nginx
x-timer: S1691169143.837261,VS0,VE0
etag: "bc4e1d6ac9ee924992a84e71418451d5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 11, 2

GET
H2 200 f55962116240092ed9c9377d50f509a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 50 KB
51 KB 751ms
746ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f55962116240092ed9c9377d50f509a9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 509adc2893bd24e3343afcd618ce812b7052eaa89f037102645735e7be82199b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f55962116240092ed9c9377d50f509a9.jpg
age: 5137025
edge-cache-tag: 364433770397563257036852888323841782067,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 364433770397563257036852888323841782067,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 337
expiration: expiry-date="Mon, 12 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 51676
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000038-IAD, cache-iad-kiad7000151-IAD, cache-sna10722-LGB, cache-iad-kcgs7200130-IAD, cache-lis1490030-LIS
last-modified: Fri, 12 May 2023 13:20:02 GMT
server: nginx
x-timer: S1691169143.837260,VS0,VE1
etag: "b4efdb88d29e73715d24de36700e6b84"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 48, 1

GET
H2 200 Untitled-design-2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jZwd15v/ 30 KB
31 KB 696ms
694ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jZwd15v/Untitled-design-2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0eacb36e592ebbbdc67268179d0bc1bef5b2eb1c757b864cdda3e1b30d8fd0e3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jZwd15v/Untitled-design-2.png
age: 1308362
edge-cache-tag: 529304613241964711950413827627090516632,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 529304613241964711950413827627090516632,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 5477
expiration: expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://flytant.com/
content-length: 31028
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000053-IAD, cache-iad-kcgs7200132-IAD, cache-lax10661-LGB, cache-iad-kcgs7200178-IAD, cache-lis1490030-LIS
last-modified: Tue, 18 Jul 2023 16:51:05 GMT
server: nginx
x-timer: S1691169143.957819,VS0,VE1
etag: "431bc78863f0ea07af5179eb11d0df7a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 132, 1

GET
H2 200 02fdf03860e7f5a8c23b1a5f43e5533d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 545ms
544ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02fdf03860e7f5a8c23b1a5f43e5533d.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1efed0c7163581bb91f6d4a69bf7d39f7dfc0ebfc116b7efa0c6c916ba8d8abe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02fdf03860e7f5a8c23b1a5f43e5533d.jpeg
age: 2070223
edge-cache-tag: 504704307835040720171349769608658414187,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 504704307835040720171349769608658414187,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 144
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://flytant.com/
content-length: 6462
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200089-IAD, cache-iad-kiad7000159-IAD, cache-lga21931-LGA, cache-iad-kjyo7100024-IAD, cache-lis1490030-LIS
last-modified: Tue, 13 Jun 2023 10:15:15 GMT
server: nginx
x-timer: S1691169143.099848,VS0,VE0
etag: "f8ddc06a1e8135dc7e8799fce8f07c72"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 271, 23

GET
H2 200 23c1de97514e93799b30e1ac710535f3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 38 KB
38 KB 529ms
529ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23c1de97514e93799b30e1ac710535f3.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e25a92cc340297a6bcec3392bb7ef2855214f390761f6e657d7c8520c11bad4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 423
date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23c1de97514e93799b30e1ac710535f3.jpg
age: 150737
edge-cache-tag: 361270766881685655910580872308822735840,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 361270766881685655910580872308822735840,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, MISS, MISS
x-envoy-upstream-service-time: 307
expiration: expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bg3.co/
content-length: 38654
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000023-IAD, cache-iad-kjyo7100129-IAD, cache-lga21965-LGA, cache-iad-kjyo7100177-IAD, cache-lis1490030-LIS
last-modified: Mon, 10 Jul 2023 16:46:55 GMT
server: nginx
x-timer: S1691169143.176295,VS0,VE423
etag: "f60c68c73bf1dd284947ae152ec44d4b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 0

GET
H2 200 87a98808c6458e87b6919b87108842b3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 150 KB
151 KB 113ms
113ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87a98808c6458e87b6919b87108842b3.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac85532d5264d1bc192c6ce351723f8b28d9ea1dc17f36476ddd18d6bce9708b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87a98808c6458e87b6919b87108842b3.jpg
age: 1478290
edge-cache-tag: 298633494717867264155997900646789625496,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 298633494717867264155997900646789625496,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 362
expiration: expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.drivespark.com/
content-length: 153810
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200020-IAD, cache-iad-kjyo7100146-IAD, cache-sna10750-LGB, cache-iad-kcgs7200026-IAD, cache-lis1490030-LIS
last-modified: Thu, 13 Jul 2023 22:07:20 GMT
server: nginx
x-timer: S1691169144.575042,VS0,VE1
etag: "3fd5b5c3c4083eefd2a96399a233f27c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 38, 1

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/ Frame A88D 367 KB
125 KB 189ms
188ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f21b0f9369de836b1581d311faaf2214f867226cd8928531095dd058bb60439a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127905
x-xss-protection: 0
server: cafe
etag: 2957986549987670037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:22 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
345 B 733ms
733ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=20
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 149
date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 97909
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490030-LIS
pragma: no-cache
server: nginx
x-timer: S1691169143.918762,VS0,VE149
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
766 B 696ms
694ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 04 Aug 2023 17:12:22 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 17336
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1691169143.957844,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 87
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2663

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 168C 0
268 B 302ms
301ms Script
text/plain 52.193.39.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.39.238 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-39-238.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:23 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 pubads_impl_fy2012.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ Frame FF07 398 KB
126 KB 168ms
161ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl_fy2012.js?cb=31076166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 19:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78393
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 02 Aug 2024 19:25:49 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ 398 KB
126 KB 77ms
70ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 10:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22906
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 Aug 2024 10:50:36 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 1086ms
144ms Fetch
application/json 3.233.145.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-145-253.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvZHVhbi13dS1xdWFuLXRhaS1iaWFvLWdhby13ZW4temhvbmcteWktc2hpLWppYW8temktemhpLWx1by1zaGVuLXd1LW1laS16aGktZmFuZy13ZW4tYmFvLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
875 B 377ms
376ms XHR
text/html 193.108.153.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvZHVhbi13dS1xdWFuLXRhaS1iaWFvLWdhby13ZW4temhvbmcteWktc2hpLWppYW8temktemhpLWx1by1zaGVuLXd1LW1laS16aGktZmFuZy13ZW4tYmFvLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-25.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 04 Aug 2023 17:12:23 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=150, origin; dur=90, ak_p; desc="1691169143142_389467673_42895299_24037_891_43_0_219";dur=1
content-length: 555
expires: Fri, 04 Aug 2023 18:12:23 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
152 B 90ms
80ms Ping
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=6897&cid=amp-D1SARxX8drOmvGAZKqGP7g&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&dr=&dt=%E7%AB%AF%E5%8D%88%E5%85%A8%E8%87%BA%E9%A3%86%E9%AB%98%E6%BA%AB%EF%BC%81%E4%B8%AD%E9%86%AB%E5%B8%AB%E6%95%99%E8%87%AA%E5%88%B6%E6%B4%9B%E7%A5%9E%E7%83%8F%E6%A2%85%E6%B1%81%E3%80%81%E9%98%B2%E8%9A%8A%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1691169143&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.206 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 226ms
67ms Ping
text/plain 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-D1SARxX8drOmvGAZKqGP7g&aip=1&sid=1691169143&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 259ms
258ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 17:12:23 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 1360
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1691169143.385795,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 94
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2493

GET
H2 200 pixel;r=80917477;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html;uh=e51ed67dfb8d91dc24b15e2ace...
pixel.quantserve.com/ 35 B
371 B 91ms
88ms Image
image/gif 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=80917477;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-321199452-1691169141776;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1691169143429;tzo=0;ogl=;ses=a45a1e19-471f-4425-81b4-b0b5179fe7e9;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 108ms
108ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 2008666
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1691169144.604833,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 143080

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.7/ 446 KB
84 KB 66ms
65ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.7/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: bc8eb6aa508fc38cc82f97aba66d664d8e1d95ff882e32282b1af697efaac599

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690966864
date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: G0T9JP29SXNBZFED
age: 202209
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690966878
x-amz-meta-mode: 33188
content-length: 85795
x-amz-id-2: 4C7WnL6R4VKAYzbGGITV4wzN6cMIy2RoBF/YSqGr586zTz2EV5YlTU4uwgzoZTCpXUZBGn3BJtQ=
x-served-by: cache-lis1490030-LIS
last-modified: Wed, 02 Aug 2023 09:01:19 GMT
server: AmazonS3-br
x-timer: S1691169144.650539,VS0,VE0
etag: "a019ae7e90774b6e5460a27c7a3750e5"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 53337

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4D89 577 B
662 B 2223ms
123ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4c46f93412d048468845a6eb11c9f23c40f44a8ff55126d664cfc16d6d24461a

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 04 Aug 2023 17:12:25 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 2223ms
125ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&cmcv=&pix=31579697&cb=1691169143629&uv=3313&tms=1691169143629&su=3&abt=nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
content-length: 0
server: nginx

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 920F 714 B
733 B 72ms
54ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 13006
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f186ccc793386c9-MAD
content-encoding: br
content-type: text/html
date: Fri, 04 Aug 2023 17:12:23 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQyJe5OlaAK1ulqNgGZe6NjkorUT6yhibuMZ8uygb4kEIiE%2FdxyVkuN2I0tfvN6AEue6JGatklkxesI3OdPwjoYSz42DqxsJtMC9M1wnhb%2BOrEeMVcuxdVguD%2FPXDStLFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6836
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

129ms
85ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Aug 2023 17:12:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 04 Aug 2023 17:12:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 117ms
106ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5c1efc5c31d5df38cb21a4b7fc4782beda60219921fae3e1e0993b22eaad21d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 17:12:23 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 429ms
153ms Fetch
application/json 3.233.145.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-145-253.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 50ms
39ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 1603304
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490030-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1691169144.778181,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 296276

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7BA 603 B
392 B 481ms
480ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-431208314610357599&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3116&oid=2&is_amp=5&amp_v=2307212240000&d_imp=1&c=187006897&ga_cid=amp-D1SARxX8drOmvGAZKqGP7g&ga_hid=6897&dt=1691169143177&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&bdt=3263&dtd=156&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:24 GMT
expires: Fri, 04 Aug 2023 17:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A773 34 KB
10 KB 99ms
91ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54775
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:25:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame A88D 379 B
597 B 1277ms
81ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7ffbe5583cf47c97fcc2bd8a93130c8541e11eeb392ed520a9ad409f661cae5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame D0DD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169116...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
870 B

261ms
81ms

Document
text/html

18.66.97.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 321
content-length: 459
content-type: text/html
date: Fri, 04 Aug 2023 17:07:04 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-id: TxJHFD3gipBcYT1yMtRl1zzmQmMWkTXVGCVHnn9ZAKaRCHyG39tdRw==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:24 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A88D 15 KB
12 KB 129ms
125ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8263c07c7bd18b05b6059db16e81939938b5b84d3d9b6fa5f3b97c99814af0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11844
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FF07 492 B
266 B 106ms
106ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3203600528254543&correlator=802362881980375&eid=31076166&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1691169143884&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=5i5zp8v282dn&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=826283599.1691169144&ga_sid=1691169144&ga_hid=1723276050&ga_fc=false&dlt=1691169142102&idt=1574

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

20357dd8f8e2f2fc9809ad30ed7c543ecdc583534e5557e682179cfb670a50e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FF07 15 KB
12 KB 120ms
119ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

5a4e8caf3ca122765f9b2fecbf25aea060173a680e9f55fc813086d68043ace4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11747
x-xss-protection: 0

GET
H2 200 container.html Show response
35189559557f5bf1ceb52f857ccaacc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB6D 6 KB
3 KB 1545ms
90ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://35189559557f5bf1ceb52f857ccaacc9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:25 GMT
expires: Sat, 03 Aug 2024 17:12:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 920F 80 KB
27 KB 153ms
152ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

2a486f068fd4a11e0723f0e4e69f6b6347024bb450c1291fbcf099198341a4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27683
x-xss-protection: 0
server: cafe
etag: 561 / 19573 / 31076708 / config-hash: 3022073710135274902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2D02 34 KB
10 KB 130ms
82ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54774
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:25:18 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 46ms
39ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490048-LIS
date: Fri, 04 Aug 2023 17:12:23 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A773 284 B
536 B 316ms
79ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
135 B 81ms
80ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%AB%AF%E5%8D%88%E5%85%A8%E8%87%BA%E9%A3%86%E9%AB%98%E6%BA%AB%EF%BC%81%E4%B8%AD%E9%86%AB%E5%B8%AB%E6%95%99%E8%87%AA%E5%88%B6%E6%B4%9B%E7%A5%9E%E7%83%8F%E6%A2%85%E6%B1%81%E3%80%81%E9%98%B2%E8%9A%8A%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-D1SARxX8drOmvGAZKqGP7g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.6282354405131045&gjid=0.9164388523107108&_r=1&a=6897&z=0.4184278404891755&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A88D 17 KB
7 KB 504ms
92ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 17:12:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6836 34 KB
10 KB 90ms
82ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54774
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:25:18 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 1436ms
135ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Aug 2023 17:12:25 GMT
cache-control: no-store
server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FF07 17 KB
6 KB 498ms
116ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 17:12:24 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 1470ms
73ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3820&_p=6897&cid=904049928.1691169144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691169144&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&dt=%E7%AB%AF%E5%8D%88%E5%85%A8%E8%87%BA%E9%A3%86%E9%AB%98%E6%BA%AB%EF%BC%81%E4%B8%AD%E9%86%AB%E5%B8%AB%E6%95%99%E8%87%AA%E5%88%B6%E6%B4%9B%E7%A5%9E%E7%83%8F%E6%A2%85%E6%B1%81%E3%80%81%E9%98%B2%E8%9A%8A%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2D02 284 B
536 B 223ms
77ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ Frame 920F 398 KB
126 KB 72ms
71ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 13:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11801
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 Aug 2024 13:55:43 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6836 284 B
536 B 276ms
77ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 920F 492 B
263 B 107ms
106ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2457363428957403&correlator=1072757625840556&eid=31076708&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1691169144382&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=tjjvoag95jvo&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1649154736.1691169144&ga_sid=1691169144&ga_hid=890556089&ga_fc=false&dlt=1691169143921&idt=429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3ba3e186684aeed8fc1c5cd72819d082be46ad07d72beeacc81919b7cf0cd33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 920F 15 KB
12 KB 122ms
122ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b1db8c2eb00df0f7255c85a29e5d7c6611a08eb42abcee3c2a54611c695b94cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11825
x-xss-protection: 0

GET
H2 200 container.html Show response
78d57b2749e1b63f643b7a4d91179f4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9E39 6 KB
3 KB 1291ms
83ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78d57b2749e1b63f643b7a4d91179f4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:25 GMT
expires: Sat, 03 Aug 2024 17:12:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 666C 92 KB
32 KB 119ms
119ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

6089e512a489f92e9045933bb053989318e87690a158010a09b312a39e815b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32861
x-xss-protection: 0
server: cafe
etag: 18399551978698748071
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 920F 17 KB
6 KB 85ms
85ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 17:12:24 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B28 13 KB
5 KB 77ms
76ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 11367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 14:02:57 GMT
expires: Sat, 03 Aug 2024 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A3FC 783 B
1 KB 239ms
83ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

e5d99b254acc8426c73ddc2152ef6baae86dbe35edc045fd6eb083cddafc9927

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aKYSj_GuZCjTPOsQPbrMmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-aKYSj_GuZCjTPOsQPbrMmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:24 GMT
expires: Fri, 04 Aug 2023 17:12:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B020 13 KB
5 KB 78ms
77ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 11367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 14:02:57 GMT
expires: Sat, 03 Aug 2024 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D50 783 B
740 B 214ms
87ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

c1fb3ad085511d9016333bd9b9ea1003f647bfd3f2ac9742a15528d2672c5537

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hao-wJOJ2bWL6_1pgYuB4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hao-wJOJ2bWL6_1pgYuB4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:24 GMT
expires: Fri, 04 Aug 2023 17:12:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A92F 13 KB
5 KB 79ms
77ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 11367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 14:02:57 GMT
expires: Sat, 03 Aug 2024 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F2E5 783 B
737 B 187ms
84ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

f15d1da35a5073aab6a779576fb5ebe546446be9206fa3ffc6db14011f823374

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pxlEs_Snm00Q-eHDRBKnWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-pxlEs_Snm00Q-eHDRBKnWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:24 GMT
expires: Fri, 04 Aug 2023 17:12:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame D0DD 31 KB
10 KB 170ms
61ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:31:28 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 2456
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 05 Aug 2023 16:31:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/ Frame 666C 367 KB
125 KB 157ms
157ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

85d03b0d4b287b6ea845f184f4f5c43e28b40ef9c0b40745076304ab6249835d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127918
x-xss-protection: 0
server: cafe
etag: 16773956929558526871
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:24 GMT

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B28 37 KB
14 KB 73ms
73ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame B020 37 KB
14 KB 98ms
97ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame A92F 37 KB
14 KB 85ms
84ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame D0DD
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

57ms
57ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 487
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G%2F7JAoXBlsuwtlnunje6hRXHo8Cw4ZxUgycv8FtYAHPjfKvsNPLRmuoZPASm27KOW1hSx9RFGUIK40b02R14T1ToEZowE%2BEIOnddJ%2FN%2BDD%2FF4ZxaFGOyjn5dH5WU7MQ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f186cd8dbad86c9-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A3FC 0
0 181ms
181ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=942301330773389&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2E5 0
0 175ms
175ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=2457363428957403&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4D50 0
0 176ms
176ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=3203600528254543&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 666C 379 B
315 B 84ms
81ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

19ec9e9ee779972eb64570ce00c0b9c5a0bf49657dbd51e8a0fe72794ba31b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame B123
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169116...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
858 B

77ms
77ms

Document
text/html

18.66.97.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 322
content-length: 459
content-type: text/html
date: Fri, 04 Aug 2023 17:07:04 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-id: FmGvl5oASQNMoMEoClv2pc7pnqbll1zLi_Ni5f_23TXET_fyV7Copw==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:25 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 666C 15 KB
12 KB 134ms
134ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ba11cd0415f6281dec2b761fa98101a2935825886c4f53bcae5f19a11adb3e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11952
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B020 0
10 B 74ms
74ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BrQJKQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A92F 0
10 B 77ms
76ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8fssuQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 666C 17 KB
6 KB 92ms
89ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 17:12:25 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
792 B 117ms
116ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691169145269&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1537&pt=-1114377771&tz=0&viewable=true&ddast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ec5ace121f7727ccd221d4adb01c8941df620d0b51d9afe96ce93aa876c16d3

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 04 Aug 2023 17:12:25 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1441
x-cache: MISS
x-served-by: cache-lis1490030-LIS
pragma: no-cache
server: nginx
x-timer: S1691169145.290898,VS0,VE78
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3B28 0
10 B 78ms
77ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E64l8g
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45DF 13 KB
5 KB 79ms
76ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 11368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 14:02:57 GMT
expires: Sat, 03 Aug 2024 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 89C5 783 B
761 B 86ms
84ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

646fbc76d09264de50e9cbc8793b60e31e670bd7c21e4a7ddd3d15612d1b113a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HHxEJytpEWA-t5jzJ85PUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-HHxEJytpEWA-t5jzJ85PUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:25 GMT
expires: Fri, 04 Aug 2023 17:12:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 45DF 37 KB
14 KB 74ms
74ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 89C5 0
0 168ms
168ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=2290228069847976&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame B123 31 KB
10 KB 49ms
48ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:31:28 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 2457
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 05 Aug 2023 16:31:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 45DF 0
10 B 74ms
73ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4Llpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame B123
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

54ms
54ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 488
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6cIVlGyIop4eo2mZEmYtdgYDBTaOau72CwjdI4K1q%2BFOjeK%2BQ%2F6oH1Qh%2BQ3Xzgiwqw7YzFv8XTa6myue6fVeHugE9Scx%2FazJWfSOy645TZvmrsiYuOVvfu6etSUh5laCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f186cdbffd886c9-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 920F 0
0 178ms
178ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=2457363428957403&bg=!f3ylfCjNAAZGOVy5Zjk7ADkAdvg8WtGd8m0yktj30_J0sDxbP-f6YOlsM0MZi6AYMQjvm2DnWOsgzCtCfVZaWQ3pmbdzJ2BotVwCAAABsFIAAAALaAEHmQK8Dl3ebyJT-kWm9C2c-R8YI7AvmxV0TcJ-f76Hg2URG83kEcofaYnAXVmVNcwrArapLWHaPbL1lk0E6RSPaTEPT_aggcCKNIwVk_fl80hx1NlXZBZrq1HuiCDhrTapmictjdgJp8DYtXFERgt-K6RksL0IjzI_pjyASs3eVt8dNRRnnLA2unpDcea2MLm22VkfPiN8PSUqXAeo2o4dTafsyyELq1xUN-k3bmPH4vUHp6EMOAJWIB4DzmP6DIkNdhMEYzyOb9Oll40vzZ7dVS-xVXi4pt7K8eV5jMwKO3oIeBIaRYOOPlhxfhuYBLGbVAAKY2jmChwtyY7RpV6T5hSq7nP7m76Wc46jqCexQk1MqThqIYa6GMLJH-EUH25l1VqFvAVukkCSzsxuWVZqsXa_YT0m0Ze7fTu74XWt3Y2YO7oiANUpz51c1nT3h3LUlmi1p9ILoAUS2XxmwDPv8BOYGcOeWjTilGOz3Yde_DUT9Tlp2UK7RUZmsek3e7_EyaS_dHj5nET54qDyFUQ19J9R3QX2dDHtIjNzDMfkJqOBfRpW5fDE_ti9w7jaeg96iknyX3CxOlNzKAXG-3zXPfabYX3qHcMfY4AdWZnUJ0LCRfm5_UHVc5McrMW1XacjvBvzNoaZDtCHrBf5WfcMbHKM7jBc5MHddAU1hbzyZLDwzFCYrd-xz_Q9gLXLS-4BwaM0hns7YrgDMaMQTSQJHLjt3Slp1jz-QxgNJjCgEPoDSZjJt8t4Wxv1wRsoYKgZYAeSeQSJI0kRj0Ghuv1i3E9cMZi2cfj6ervNHTIj97W7gUOF8sWB1IikeQtWr_-_X0jp4sP16HyFBDFx98ykWAOF0E_Ht_-td6WPi-cyNztZ_1eeJYwIR8LvjfNNVjS9w4I0l3HCBTquL_9WUcnKNvWB6MQGurtDFeEHVsgbIA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6BDE 70 B
264 B 80ms
79ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6BDE 43 B
425 B 85ms
84ms Image
image/gif 99.81.196.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.196.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-196-90.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4D89 70 B
264 B 84ms
83ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Aug 2023 17:12:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4D89 43 B
425 B 90ms
89ms Image
image/gif 99.81.196.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.196.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-196-90.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 281D 281 B
554 B 75ms
74ms Document
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Aug 2023 17:12:25 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D0DD 975 B
744 B 66ms
65ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3438
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6GsZnzdJTDUMi1rqaTqP8xuqpUfiRkt5RegoxFaJc89J6dIR8Sxxuyc1c32opvEEcA3vUWo31e0nKUCTLglexvnmYu9vDShMSHkUqrYBLyXGv2jY%2FtGhUmyDvKYNLynaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f186cd9ed4d86c9-MAD

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4231 281 B
554 B 76ms
76ms Document
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Aug 2023 17:12:25 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame D0DD 661 B
1 KB 543ms
261ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.887143215466988&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:26 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 0a8e0d88-b13e-3e8c-a925-3bac0fcdc9ed
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A88D 0
0 183ms
182ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=942301330773389&bg=!IyClIHTNAAZGOVy5Zjk7ADkAdvg8WnS7WqG7Cy_0BAaoFld4gdLxot_NKQBP9hq9mCT235-o-8N0gudObvLqT-t_XimtraGZlC8CAAACUFIAAAAKaAEHmQK1-YhWy4UjwVvScqJnB-5erFLj0a6w03NufPrpVTv9uWWv5bYlNMMBxR2gthxsvaESUiUunIgh8D-LaZWWpTMYTvkDs1z7qz9nwfNevYCg2mgo-W6JdrnPrBmdTzouv4ddDKI52nuxQVckwXBmAkeXCD7UFqCsPCUtHdMTq2Th3-4cIbEwTyGGM9s20PY8EB9Dvyew3fCMWYNu02uuMIMHy9AFa8Xn6-Ad1J9oAEKEWoord1BEHLzXKZNLqqDzWarIw1TRljXHWHcQU2U489a93MZ6CU0Sv1itiEAOl28zEOr3NTKVXhyHufcuTIzG9AJwJ-GQiNH-f6lD2V99QcwvYFnZloB9VZsAghOQ1Ah9vzJNX4_SSC8VP1EPDwoHcN91-PcfgR6KYlBXj3TznAkyevmd2HBbc9wOFBE9j61y1Sh15w-bmp4TzwCVqtkOkTtKLTkP0pY4IEEBydMLXD9rynF5g791TKuRaUTJdXn2mAuIeAAO30dj8BnMOeFsu0h-YWhju5NtcOqrxuoSNMssYJOZiVBpHShJLB_S2QPaQVJgPpGpgW8hLHbN-U2B3c9fQGxIM22Mb5RHCMAtsVmoRGzThOBtXD-fnSP48_dEqb7KqFeUdDm0oHcNKGenlRe3NAv-dne1kyFz8DFJ7QvFBkxlmdLJsjDpaq1NXeWSundB2Ob1bnbcaUXdqB0bco7PHAuw0n__yRwJAdTXCN-6FzII0uVYbqdtho3VwtEZhQauQPxScZq3s7p531NfDf1x1ESWq2a0VpLnJbywuF487BXXqp2_1WX6oqzGKG04W7bP3S970LNCUJ7zHsWRgSU1ivXhUh-TMig2un8154jv4_4EcNTJBDj3o1iye614fO_o55pHaXk2qPq0YlRcUO1EZ88e9ws-9pvy1Vfyt_jdtXJsWOL1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FF07 0
0 178ms
178ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=3203600528254543&bg=!v7ylvOjNAAZGOVy5Zjk7ADkAdvg8Wnra9YjjPWvUqD3wXngBRypDktV_hwyMRoN3D8LxgclA0htXs-OJXT0CSR7H5F3kZZUM2fACAAACDFIAAAAKaAEHmQLCjQGpnjpm4D1Vj5x8894sXVUYFGnA7V5IFRqKmL5J5KAfuByk3XBfgbWtJtGRRfpEvXoOUhNFYerZNj7YMhjffuuhJP_HVxalPNDZD1GaVCjXjMxRWLfklg7tDrMzKIn3OT3x9fV87P5qwg2LPAGRNMILZC_xrMTpMvmdtbzGdo2OzEjPV_O23qVpmmKhd5GcUyELL8oOt2PSl-KcD-LfVzz-8VEr5EYW0hst2-5mM5fjQe8jD6i3gVGkqbw0SGUWcdBJVo4WE8WLhQIfVXpHRHqCnYLyC8u8emgPQ3zXhr7LxLF8QPKJJibpOd81Ru1XX__XxTEWBB0DvGwlOuuHrSK2dZGAdpMosJkgyDEC1wcyl9jngqN9mpDx5Txqef65qwvo3kfuaSLHZ9tJIztZlyNS45jKbnY2MpMwa421n-hdC4FqSqNmcEW03efL7N78I0ksNVD6cDQ-aM2z4KsATryIJuR_nDGWHYF0TgjQp_CmxfcJBeCIAs5u5qRCNijs_jxndFt31cHS9wDBOKkZvq-95IJxgs6AGwpMeDn8pWVGAaNj_8TAUxTMU3aMhLyM8RUKkl26zKm8l5UB-wmAQRtvmFQ7vDtXV5hZauC0ck1CUO-fS-CSEO6GIJLDK4vvT9oQTbe1uEMMtgLmSeIIqMSXOplAsltuman2AAQ7Dqca95cQuO3jl4rIsNcvhEJewObgwtmMEbCaEvw_9Ki024SoMmrEAQw92zNiCFCdADRCDEz15cVUtDpk9tj4zeatoxnqX2RfvCOkBVxOwreScCe5xcLKRnpRPE-UoBsIhdZb2F9YJmViA-OWEO0Op78XvYeU7cbIpsaxGTB4YR2Qw9OA3jRC54s-cKY1czySHsQ9O6MV1hjxSxMDvgRCsn9Mdk4iOgd_ZkqpQGTq4vZFVAqXNV5gV6lYOn4u4U-rqN85HA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 281D 34 KB
10 KB 89ms
88ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54772
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:25:18 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4231 34 KB
10 KB 81ms
81ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54772
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:25:18 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 281D 284 B
536 B 78ms
77ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4231 284 B
536 B 73ms
72ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4231 0
239 B 542ms
137ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 666C 0
0 173ms
173ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=2290228069847976&bg=!lpWllcHNAAZGOVy5Zjk7ADkAdvg8Wo3ZKaq0XEpwgmqhUYZhOPtr1jsn97F2bonDwwEfqxXuAxUbOlpbURDIg0FA1ozDL13EFlICAAAAslIAAAAMaAEHCgDA0_vwHW0XdjEuDVbLCGFQmCZ5qeKtDnUyAwPGyXk6D6rkfqcjfFM26nEQiTHK6nWmiKzRu8uHkps6-atmcYcFx2R_aB1jiBB6NrTP-IGEhaZ6cIwInshOMiT4KUPpp4vDlMYFPrFdh4hjoRMt-LZTtkLoC0FCc21NF3agrf4sgikZIYPO6ZiICrNV-l9v7RoZ3yGF6kvck7T1PNXZGFHjfhS7Lu1Zdkn4QeQUBpztTC1hiLVGfpNWKaFgTaV6IA02mQLAPgqf7vJiDSKt8am8uPKDlomBHedvJrlHAcORly7Veae2gRcQjMX0RNw56OWf74fFKWj7Hkh2Aae-X3x0oqR1RKrGf1dnRa-Rk7KFaDwFBVqSMTtep_9ipo5WZHU21CkeHGupiHV_aWrbe4NwynYh43_Y1E9Ofj1xDyU8RhQnMgeP_oHDS-4w8oX_3tNbXy6ciBaLWpZyow0P7Wni8iKNIyi4Nz4i_EuqVmke9dzYh5qFojE_tWS5mVI2kz9dadkCY4j3wIIguIqEQHPq2jV-QWojk73emya-MQGUGB1S3lpsoMqJ2hcdSuG3uEWC4NPUC4irlinbhZBs4HZ1Flgf2QuTN5owacEITsHBiuwdCh5SPtt6IjWDJBWQYUNYxiuD9NFPoF1EWKOT82nNn8ryUfyVFqPD70XZ9JO4yL4Z3RQMfJ5mPoT3_-gpGmxY7_0YCI5m4KoNIb9w8XcKjHvKsF84p8OPreHKzmHEOQNQ1iWYLK8KTw2z1icFsjROczcnIiF50IgA6LW744JDE04JF3DBnDpBew6lcdQW_ut1F25t5BzCPKQBxD338vYniCwHXf092x1SGTuv28gLEVAfANtIyli9GVHW2VXQgsYLKD6PA3NEZGgTaSefqcAb95dk9LSYIuQk-sTlODDfUqjO1pXk4ZTamfci4vstk7UC6zgpohV0taAWj60fdgG7xETHSS455JRnRjyHdzm_U5-04rzW2xrER2vycIrMMeo_b-U1GxzyxS2BnOK6DdTl-3RlMk6FbVmQaObmkjCGul56slMa4y803HbEvQlCr-8ab0I2mrDUzqIFDdkCrkmgYT4l_tVy-nWQyGfdMN3qX65GnK38PNeOJq2AxKGYVYYMyq7FzDLxs4aG5pOxy-aThoFJ3qz-QSgCvrDI_pw_v1s6rRHx09K2rOo4aGKiNZwjyBQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame B123 975 B
747 B 54ms
54ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3439
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BA1J1UVLNdm2N1NJ8D2I7MCnDKP65Fk9S6UQ1Kxbf5htD4RyGLVsVrDTtfyFBbQdj2V%2Bb0x60UnS3ya4DiVDw2lYx58W73guBr%2FSWfzdoMzIwscJtdE5fOAk7q8%2FFeqomA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f186cdc98ad86c9-MAD

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame B123 661 B
1 KB 437ms
167ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.2952681029556212&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:26 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 0a8e0d88-b13e-3e8c-a925-3bac0fcdc9ed
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 23B6 80 KB
27 KB 118ms
117ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

315ead22f704f0a6038be8ed3e7b38f61fc629774f111768436786918603a375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27686
x-xss-protection: 0
server: cafe
etag: 554 / 19573 / 31076708 / config-hash: 3022073710135274902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:26 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ Frame 23B6 398 KB
126 KB 72ms
71ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 13:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11803
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 Aug 2024 13:55:43 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 23B6 27 KB
12 KB 133ms
133ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1407125184218795&correlator=3214379560104221&eid=31076708&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1691169146720&lmt=1691169146&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=mqvklrxwn0bg&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=233076096.1691169147&ga_sid=1691169147&ga_hid=487375280&ga_fc=false&dlt=1691169145885&idt=825

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

416d41814bdf1fab558cf69d129a8b84c4d04fc6d2d80b502b70af1e62313526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12054
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 23B6 15 KB
12 KB 124ms
124ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a779ab83385d29ca5af6d530bf4b102161c6eae2099a9e52102dadace5dd170c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0

GET
H2 200 container.html Show response
1c7d22732f601ceaebaa5f7bcfab7701.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E67 6 KB
3 KB 98ms
84ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1c7d22732f601ceaebaa5f7bcfab7701.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:26 GMT
expires: Sat, 03 Aug 2024 17:12:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1182 80 KB
27 KB 121ms
121ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a6a2120231b3e4a81bdb366c9b4dfd39a71a4b1b73e08dcd69454edee5bf8128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27683
x-xss-protection: 0
server: cafe
etag: 860 / 19573 / m202308010101 / config-hash: 3022073710135274902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 23B6 17 KB
6 KB 85ms
85ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 17:12:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB29 0
0 110ms
109ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-FhQjC-LiZawWvMzDgg9-JxvVqGNW5D9pJcABm8JffZe_5FWqr_UppdV4yGEvX6rlnRLnOghfZWqsBYebRApWvldj5MKh4H9BzW99Nuum2wMsuEYFmT9RyvVe9TZcBQyzhvYdHbNe7lqlY4YOvB315_gNw38DVOg2pxkC4tGX0WGxh_6nZsId9liv5Qaf48JIZSjbK4pQb91zSk1mPrPrVhDPqumxR9Nk1qtI3S6FQJyA4RxB2q9Linqfcsflz3Ot19L6WqH0PZtja90QpjsYocmrN7AKaGyiryZSfKVyoNfvzDcyRxYYeDoxSpNWmiCD9ujQwxntnFaHhqE&sai=AMfl-YSJAguCFYxfJ-CnlJnn65q2QVrpDrbxfthGZEZ3aSLM-VGnSkhVPiEWEEehN5PBH4CEwaSfrw0IhC8Mi-53itBuGRczsaJZOQvpBw&sig=Cg0ArKJSzICRcxC2g9iREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame EB29 31 KB
10 KB 49ms
48ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:31:28 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 2458
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 05 Aug 2023 16:31:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB29 179 KB
57 KB 303ms
134ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:27 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ Frame 1182 398 KB
126 KB 71ms
71ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 10:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22910
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 Aug 2024 10:50:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1EEE 13 KB
5 KB 76ms
74ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 11369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 14:02:57 GMT
expires: Sat, 03 Aug 2024 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DBBC 783 B
534 B 82ms
81ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

bd1b19489071017c2ce83adf237e53e22d3bb6499b9cb6b42dcfd5affa2b21e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o-E3hN6voFKdw70zPr7Kaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-o-E3hN6voFKdw70zPr7Kaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:26 GMT
expires: Fri, 04 Aug 2023 17:12:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DBBC 0
0 173ms
173ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=1407125184218795&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EEE 37 KB
14 KB 71ms
70ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1182 27 KB
12 KB 213ms
212ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4253905498103095&correlator=1076381953194015&eid=31076399%2C21065724&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1691169147063&lmt=1691169147&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=h9ujhdjqkrj2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1079659453.1691169147&ga_sid=1691169147&ga_hid=1929759116&ga_fc=false&dlt=1691169146317&idt=718

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

78a1248cc677388d2de7837843c078d32bc93583a85a1fc09d4f282505993dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12058
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1182 15 KB
12 KB 138ms
138ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d1edf98e593af19e400f986660768e2d2193c33d9323b3681daa4618e85f997a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11785
x-xss-protection: 0

GET
H2 200 container.html Show response
11334f4278a8ff2c7e69546956f6b87b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 90CE 6 KB
3 KB 101ms
84ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11334f4278a8ff2c7e69546956f6b87b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:27 GMT
expires: Sat, 03 Aug 2024 17:12:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1182 17 KB
6 KB 86ms
85ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 17:12:27 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame EB29 80 KB
30 KB 803ms
267ms Script
application/javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 55RCNNKBQDT0PRPF
age: 320
x-amz-server-side-encryption: AES256
x-amz-id-2: BcUy+bBmpGcWHh12F0N7VEADJ4dllxuejq4/HIsPpBiVXflymh18MawlV8LfMdtRn5tUm3wvBxU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame EB29 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8684d4cd3763acff0e888bd8289000be3450f09339bacd791b9fee7c186aace4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E793 0
0 109ms
109ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_qngK0HqAhkUPOnGr9F91DIPSoiKNTLinFNLIsfQ8cHugW8Lq_TDPMlbE31tFadce4RI84q8BRNB_8riYKFaTs1CIQzA3mUiAtIwiktrZwvnN4p6lNHt9BAd_94w36XRmj1k-D602Oget2JsRC-uLKfp8fyHs9ym9sxTp9VjiPiFwJJ6e-_QsAW6QdVeRV0hr4rC1W9v60Fh6Tr8L5umukRVegmImjnvLURV8c1ujUzVO09KjYxGqCRlAOlI4s2oDtSC9z8KhV98ZDNZ5qKrEPEKvytFGzqmfEKfrf0bIwujeOlZjzvFlj9_x8bRQSrJ7QYD_atFLWPA6mFk&sai=AMfl-YTGiQ2B87-W9Mxi-e0m81tRRddnSKtVn8Xk2gKNfvlZtL9Y_qq0CsdHgWXlLEt5HetY-cRjeUV1klq1-GFPkx3VqKX3_zGBkM7Ibg&sig=Cg0ArKJSzCj9m8lGLofGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame E793 31 KB
10 KB 54ms
53ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:31:28 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 2459
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 05 Aug 2023 16:31:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E793 179 KB
56 KB 98ms
97ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3617 13 KB
5 KB 74ms
74ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 11370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 14:02:57 GMT
expires: Sat, 03 Aug 2024 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C72 783 B
534 B 82ms
82ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

c7352121c9901b9bb901729e8a60ad521d0ed3ddfd4608b9b0fc770cd8936a9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-igs_qSq4iEYnKSb81R_h0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-igs_qSq4iEYnKSb81R_h0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:27 GMT
expires: Fri, 04 Aug 2023 17:12:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1EEE 0
10 B 74ms
73ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mPylcw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3617 37 KB
14 KB 71ms
70ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1C72 0
0 169ms
169ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=4253905498103095&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame E793 80 KB
30 KB 850ms
502ms Script
application/javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 55RCNNKBQDT0PRPF
age: 320
x-amz-server-side-encryption: AES256
x-amz-id-2: BcUy+bBmpGcWHh12F0N7VEADJ4dllxuejq4/HIsPpBiVXflymh18MawlV8LfMdtRn5tUm3wvBxU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame E793 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bffce50718daacd5378e66b758eae28e09294d0d99b0487f9ce3c1fa2355c7b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3617 0
10 B 74ms
73ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jnZjNA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 116ms
116ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A12%3A27.787&type=usage&msg=New_CTA-event-1691169147787&llvl=2&id=6470&cv=20230802-16-RELEASE&lt=deflated&uuid=fa9a3c686d3811785ea69561a06266ed75ad5452bdffa9136fbccd6b7c9f1f98&dcc=29&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-visible%22%2C%22itemId%22%3A%22~~V1~~-904043495400908247~~FxxZ3LPRkp2_f%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 80067

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 23B6 0
0 175ms
175ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=1407125184218795&bg=!jI-lj9vNAAZGOVy5Zjk7ADkAdvg8WgeI83TXMfqNgKyKMMX9iAYFmHkIYi17LZR-wlsrNK6-y_Ix2pzXO9exi2O-pK9L-wJv9UYCAAAAyVIAAAAGaAEHmQL1tp35Bow3utP6otcKMAIAiihy0_q9DzYSCxSPmvyGrb0yPkTPpMldBnvtzdrkaI_DnnkbeTZV4j4vyHytRNHasX6VnnQX4CmCrOOnToel0cPCKFwArBNoXCm8ppnLzsLmmFvDP5asViC2zKjdLvD6l7MGrJa6w_iu4bOn81hdrS02XJvRcdFfaH0plH9X2fktuPf1rSuLUA-WvUl3xdMrhcfFFZPhGLlKaZCcZJ7Iu6z9amLCPuFtp3pc6EMp9ksGe5mbndw5gSuYq9MbgccjgLBW8-0Ya_3uTj695yb_gIJ-d_kALad8zMgcFYUE3OjyDEqZqYNTnc9dkUirMTB38IXP1kkSFrY8MNsw5wrx3kstki9jGN8pwek-PUt2RH7BScBSmiDb38tDe3ida2ykfyX1HAErqWzISGnysF-Kupb0n7rXj0T28MJouokghp7XBspJNqxANbaiBfp1u84ezKiYKYA5miQsLZ6cdJelcVK7RKmAMpnUcgCYZFX2B7cofPedUT_kE1yS_m9vzkl3E6lMdOY26Z5NqI6VXkK0bspRfghBtBG9HstJbH1MMwJFIJGwKcedIEWTulAxSSPf-jXg1Xmw2cY1lQfRt7iUesc6n_eBMifvtp6bbfQFX2zXzQQBRIMu_uEnHXOcva42R1Hm497ykg7bv9-5Xk1F_HyKCkfdhzfi-PHCevr-VnHXlZKqW1TFY6BLcq2Gs3tC4lb6BPo2XERij41wUXHPQv2_ozKIRESx9ptnXdV9OzuvaEcmNmogy7gc0gWSIn6JcBiwqNbcS6-z1euCVS67qTPcjpc-wD0oCMBkkj2UxCTQO1tUgtcrbirPgvKrqVw08IgPt4aBgXdXRPfOwkVqUHvJNPvApvBLqr9puYw7dJht9DXNVMyYY-pctBJHUCwT1ZMFYpHFq1Bxj1nyDeArjUdqx965-AZrP7PisXFagA6zd0ArSlhSyv50ROwFKrv3pwKMSJ7cUh-CeUudTGsr3tJiKHvCgQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1182 0
0 174ms
173ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=4253905498103095&bg=!ZmWlZTHNAAZGOVy5Zjk7ADkAdvg8Wqg82EerQRjn13xxQ5jhbJGi8g0mowG0zWvteQWrs3Yhx4Ed9e7MrGRacV6W8UPjK2GfGwICAAAAZlIAAAANaAEHmQL24z5lHZmJEdCnKfOF6PzEgWU7mJjvYO4Emqr-JGbOrofnChQQwpKrjkVoEiP1vZcZY42rtaUide8cUDW-gF-wOnJ-2PlpbN3kT3KU61FvxLDYoeRKh5fVw02wPOBeenXnrtHmyvxmjhiQD7agYBvVdrSKzA_7sRcp10yQN-KvbJFgQyzGpUp1ANTUvjh9BsY2_ZERNTgYlbIg9APby4sXGyYPdxM4Ce_drF1eaB_R0jsHMh8nj0LsoqTtK7h2x6HlBMvKF4501hO60XMSAXzccMAIrVFMTx3f418J0JhKq33RsS9OwauqsQ2hMjQSIJOzJF8ncxPrANgABCm6Z0RTiXaHPoIPIV67_qC6QqJB2ce16J4Htr0LV0EVTwhl5ml8waZLFVgaK_2JbpFqFIxgfgg8RO1bZjd_ZfEH6JqMasCr17mlU23tewJtuCOlggOUygEv4n79EBgZKz9D1L91XyXI0CPVV8ZE2HXG5clpdaE0XKU4iwsv8I6YxQADYhdUyy5ZI29mlrlJaw6wLUpvPTLHZpW-tRTu-rf4nYC76eN6lAU9fEBq1E_b8POiyfmts4gh7dWbgKOioXqpKqqd1cPA344p4asGHfslswv7UWuIOjM6pevyOhJQ2GhqAcVEeaHTu05JXyXJL5CzP6o3oY2veXTuVRlN-aK5-HADgjf1PKql1bcSROap-lOHuYHvyq2IpSYyCzSI2a_1WD5m5uhwx5ccgkDc8-h3vQM3efJdLvTTHf6pTYFig6HDZz2QMFZCJ5UDpQIKLxNsjn174fbv89geOFkBbt8IPhvxQWGSOXBVNC_bSs9B8VT1wbOMgB1qm5wMDXyz4ixLk-xKN0RytwSQ4FrbYrhlB1anbgy3SYZl_cBJSt10zHwPhTHgcYEL5lpJwz9QEmBd261aGACdBOPKt6ecCTJKGXF6NvoS99ROCa2lqMdH1nU8d-ttIYQhBlnOOL8TjXAYJiezD19PZkY2RBfgmdNSZHOoCx0MeGmBLdc
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/duan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
786 B 118ms
111ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691169148322&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1537&pt=-1114377771&tz=0&viewable=true&ddast=V8gCMCLAZc_L0BJXcG_xG4-HsDSu4M_isAAABgYID-AElZBrPFZjZcKxer0Vo0GA7XypljuVa4Fp7FcOSyrVyuISApy2C22MyGa-ViNVqLBsPhWjlzLNcK18KzGI5ctpXLNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZxaDodPte9Xvf73SU-z1zj9yv8ItfD7ta93orXw-4WPZxuidPhd-scfrfuZXdLj367z618ujVHp1vqdPjd0qdbenS6xa6_W3N02d2611vtcrqlR6db5rD73LqX3S1x-O1C09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscogIy8fvOYhcBtnDbHLZXtZ_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAAAGjIiogsP-4rhCORAuQijAAAAADkAiY0HZmkE1Qsqvz___dbAbgCABCQGJwIk5dFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCJ2ZmaYINcKXU_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx6Q3Ox2K-PKsZnZBruNc2ZzTDYLh2c5XHgmo4VjtD3IAzZdQUR_nH02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9kcAlwM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgZLbxTRwLz1q5sSzWoslg4RauZr61YuFYDpbLlWG2WaxFr4_p4rFNbDPTFgkG5O1F8rRIJyrPbDTzuDYbl2tjMqyMo5nN45stN4ONZbAybhwTsURzskgnssu-udntVsaVYzOzDXYb58zmmGwWDs9yuPBMRgvHaF-ZbXwTx8KzVm4si7VoMli4hauZb61YOJaD5XJlmG0Wa9HrY7p4bBPbzLRvzJaLxWy5GA32jdlysZgtF6PBvkNn-K4-Z6OyrJJ8bNrN8GR-3JwGhctg8T6_F2loZ7QZZd6yxKJafXOeiVXo9_v9fr_f7_f7vRuzwWMwGGYe7TYxdvk1m5_yqPEeDIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_CLXw-7Wvd6K18PuFj2cbonT4XfrHH637mV3S49-u8-tfLo1R6db6nT43dKnW3p0usWuv1tzdNndutdb7XK6pUenW-aw-9y6l90tcfjtQtPbbBFLBKeLdCJ6GU8X9R8xxHA1V0yGc-Vct1slAAAAAAAAAABLMM10EwAAAAAngxpuhovVOh3MZDYZ7FbLBXARlKULGAQAAAAAAKBYY481wMPsdphebonPs_FbGYAEcx6zzT4jiLVaLWsAAAAC2AAAAAK46cabQMwm7v___38cAAAAGTn0AAAA6PcBZQEAAAAAAPAjyOFstH8AKsRarVa3G2u1WgENYjYaDBcT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ea0582ce49d6dbdd7b502b7841b2ac14ea6a13a357256cdf9ed591dfa3a2aaca

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:28 GMT
content-encoding: gzip
server: nginx
machineid: 1411
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame EB29 290 B
614 B 286ms
105ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 04 Aug 2023 17:12:28 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 21
x-xss-protection: 1; mode=block
x-request-id: 335da3f0-ea17-401f-9a3b-236f4631ae6d

GET
H2 200 b
geo.yahoo.com/ Frame EB29 43 B
366 B 255ms
82ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:28 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 81ms
81ms Ping
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=6897&cid=amp-D1SARxX8drOmvGAZKqGP7g&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&dr=&dt=%E7%AB%AF%E5%8D%88%E5%85%A8%E8%87%BA%E9%A3%86%E9%AB%98%E6%BA%AB%EF%BC%81%E4%B8%AD%E9%86%AB%E5%B8%AB%E6%95%99%E8%87%AA%E5%88%B6%E6%B4%9B%E7%A5%9E%E7%83%8F%E6%A2%85%E6%B1%81%E3%80%81%E9%98%B2%E8%9A%8A%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1691169143&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=10243&epn.domain_lookup_time=9&epn.tcp_connect_time=542&epn.redirect_time=0&epn.server_response_time=1104&epn.page_download_time=1&epn.content_download_time=1709&epn.dom_interactive_time=1709
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.206 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 73ms
73ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E7%AB%AF%E5%8D%88%E5%85%A8%E8%87%BA%E9%A3%86%E9%AB%98%E6%BA%AB%EF%BC%81%E4%B8%AD%E9%86%AB%E5%B8%AB%E6%95%99%E8%87%AA%E5%88%B6%E6%B4%9B%E7%A5%9E%E7%83%8F%E6%A2%85%E6%B1%81%E3%80%81%E9%98%B2%E8%9A%8A%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=904049928.1691169144&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=10243&dns=9&tcp=542&rrt=0&srt=1104&pdt=1&clt=1709&dit=1709&a=6897&z=0.292091054564924&gtm=45De1110&t=timing

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 07:42:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34221
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame E793 290 B
357 B 99ms
99ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 04 Aug 2023 17:12:28 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: 29c4c80c-93fd-4f71-af43-4b4081157706

GET
H2 200 b
geo.yahoo.com/ Frame E793 43 B
96 B 83ms
82ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:28 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame EB29
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

54ms
54ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cPyV8rfGNMAGVi5q5jnAG27qw%2BscsBeHS5Kwek2sFt2tAifhoV0vTyPGiU1uU8fc7aVWON60zY5vK5gM9huQ3pJaTwSm5A6vBQRIPLxpxpTGQMbQXEjFpTt7mre3U5vjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f186cebf83186c9-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame E793
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

54ms
54ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkpmRDEYAfLyY2wvOOMBICLM1j2tGKJrNi%2FDbDIJurd70%2FVa%2F4LzewRF5wOFbJDq5x0r%2F4%2Fi1ABTpvGbMN%2FzFZFJEkU0qCHTz9bMc9wXzGxDjMmiXteEmKw0%2BYkBh78jBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f186ceddafa86c9-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame EB29 975 B
753 B 54ms
53ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3441
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4E2393KTfy%2FLHTZLcw1UA5C43sVlLy8kNNZPJOo%2BhV0GfmMvc49celyEOgJRzi%2FaUcgq%2FCXrwcd9L3yQJG%2B65p53i4vEBs8z1FiPTyVzhG%2FEvd%2FqZTkKF4hScWgrIBUeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f186cec48cc86c9-MAD

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame EB29 638 B
1 KB 205ms
205ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.4581083564492545&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:28 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 0a8e0d88-b13e-3e8c-a925-3bac0fcdc9ed
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB29 0
0 255ms
108ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzMH9nypM1ANpWa-SVkLEOB1VPxGcM5nr1YgDbHaEtYk77P6MKL2l246doO9KsxbbD5FcAtGxADt4JiD5JK4VS5S1xLVICaazpgvsSiky6NuYUVk10qrGP_G-h3Wzw2QEGGPTELXroZGMUs6YF4gJog4mTH7PX2U0Hstnmn-GvO0SDbQ5FOG3eDLaa_F0RoJ5uem9jIDJGagExNUgwhJd8nvSdlYH1yFDY341qfgVcguaJx_7wruIRGNu9-3VqAeHK7ysQ7-zGnxdWKejlRBGVaE_Sg35JYe0nMyKZ9eFQfuSphSl8AEJCYTvUtnuRxgoUXpXrss2er2DTkULjrQ&sai=AMfl-YTjU1aJPKR8oBICXwiocA-sG42a13IgQj-NqBNmwc0gsavKkfUOu_yoJ1bW2Z8atadD_Q2iWg1g5cGb_iEJfSwkBhi4a6YVYZsyug&sig=Cg0ArKJSzBYd_Xy_Psf_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Aug 2023 17:12:29 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5D70 144 KB
49 KB 126ms
126ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

565896a01464af442be850094313da8c3649d818eb2a55dc1f4974d8ea78ec2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50524
x-xss-protection: 0
server: cafe
etag: 12519557429230028970
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 71ms
70ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3820&_p=6897&cid=904049928.1691169144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1691169144&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fduan-wu-quan-tai-biao-gao-wen-zhong-yi-shi-jiao-zi-zhi-luo-shen-wu-mei-zhi-fang-wen-bao.html&dt=%E7%AB%AF%E5%8D%88%E5%85%A8%E8%87%BA%E9%A3%86%E9%AB%98%E6%BA%AB%EF%BC%81%E4%B8%AD%E9%86%AB%E5%B8%AB%E6%95%99%E8%87%AA%E5%88%B6%E6%B4%9B%E7%A5%9E%E7%83%8F%E6%A2%85%E6%B1%81%E3%80%81%E9%98%B2%E8%9A%8A%E5%8C%85%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame E793 975 B
747 B 59ms
59ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3442
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkpmILKdgJhVquB0zb2zM5qjnY8hokskpMvvBvBxYbOqFRK7et2sW%2BFvOf2vDPq2w3tuqtjiK61nakW5M%2B6X6sW0j1HqCPDRG7vwLQBjp49PNWNWB33NQqEFiSkdXqqs9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f186cee2b7d86c9-MAD

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame E793 638 B
1 KB 456ms
171ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.38643608869840507&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 17:12:29 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 0a8e0d88-b13e-3e8c-a925-3bac0fcdc9ed
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E793 0
0 108ms
107ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoFZiiHKlBH8tWseeDhBz2UjTkxrXzy8zlNEMVyPjGDhssRbCeK70VyBcQe_Q12hxmwx-34Nk0YchbN7R28rT8HNii8CrIVTx3o46y0jBXeWP3ZYYasLe9E5F7L1yTYtsZStJGm9yErwj8-IQ-1VFZAF16Vd49o57sUAUUuwnDWCqaae8LGd4xmjVhHr7hWMseyyzWqp9436kCVpe9M3_4mgH1ZH53E3fnreSWYNW1p2-i-0mbT7iRba-lu6JXetDM7nmBLERurO5vtQwihJ8pE-TBfE6zSbdTCuAE3WOTcPUe_n0n71mxVe05dRn9I53wu2-tBVgxm3IHSOtybA&sai=AMfl-YT0mYKAfI-0EFzOl-_KS_RKJ9mcG7lDt1HZtEg19xLvHyyVo6S0-qBE3BtRL9iYPSLAZoA3mr5wKuR5iNA2LpjgNUjphBK05A3WEQ&sig=Cg0ArKJSzMhTaB9QQTNIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Aug 2023 17:12:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/ Frame 5D70 367 KB
125 KB 135ms
135ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com&bust=31076696

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

154a2f0f318e2d44b7778a901839efc838ad12026fbdb1f1a129d0ed36073826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127908
x-xss-protection: 0
server: cafe
etag: 8052195077845017531
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:29 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame 9842 10 KB
4 KB 71ms
71ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 15211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 12:58:58 GMT
etag: 12368291122986407432
expires: Fri, 18 Aug 2023 12:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9BA 603 B
68 B 107ms
106ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1691169149&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149249&bpp=4&bdt=423&idt=281&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=3048876141831&frm=8&ife=4&pv=2&ga_vid=501774154.1691169150&ga_sid=1691169150&ga_hid=355623248&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3696207329&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076469%2C31076087%2C31076482%2C31076510%2C31076696%2C44796632%2C21065725&oid=2&pvsid=2125168025372113&tmod=834266751&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ukmzwrsgrcrf&fsb=1&dtd=309

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5D70 15 KB
12 KB 124ms
124ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

cb9dd22556b4a3bd6057149c52258c6655dfbbcba11354932255cd87f1c56ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11829
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED4F 603 B
68 B 109ms
109ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1691169149&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149249&bpp=1&bdt=423&idt=294&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3048876141831&frm=8&ife=4&pv=1&ga_vid=501774154.1691169150&ga_sid=1691169150&ga_hid=355623248&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3696207329&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076469%2C31076087%2C31076482%2C31076510%2C31076696%2C44796632%2C21065725&oid=2&pvsid=2125168025372113&tmod=834266751&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.p3g3epcbfu54&fsb=1&dtd=315

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0946 144 KB
49 KB 127ms
127ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d7f0ca611609131b70dd42063c316f892453180e458e0c47d3f790b342ce0587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50515
x-xss-protection: 0
server: cafe
etag: 3787414534973353960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D70 17 KB
6 KB 83ms
83ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 17:12:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/ Frame 0946 367 KB
125 KB 181ms
180ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307310102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b3a9c149699ea45083ba8c1ce7aca0d5838542a4a60122ae2ecd7ff036dcfa2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127905
x-xss-protection: 0
server: cafe
etag: 12075050010948265147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:12:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B2A 13 KB
5 KB 77ms
74ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 11372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 14:02:57 GMT
expires: Sat, 03 Aug 2024 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C365 783 B
536 B 82ms
81ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

2e2d3670e84d3730bf7b19487a95bc3d6bf0e8872f32627db5be230b6d200deb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W6xEEw5mSeJ_BKSFlUwOZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-W6xEEw5mSeJ_BKSFlUwOZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:29 GMT
expires: Fri, 04 Aug 2023 17:12:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB29 42 B
64 B 176ms
176ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTRirYKhmb558UVNR7VpmKHNOBnrlU841Obr68x4A6iAu47I6MQ8kBc3RNjIYRWIPaRWVwH4ZyEhTsykPbcmP8lt4AX8jhKrJLSSJ7zCRQXY8_G8FG&sig=Cg0ArKJSzMchiuEYrlInEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1911528252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691169146863&rpt=2018&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 17:12:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C365 0
0 187ms
187ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=2125168025372113&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B2A 37 KB
14 KB 86ms
86ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F3D6 603 B
68 B 109ms
108ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1691169150&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149774&bpp=4&bdt=648&idt=286&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=4596376478755&frm=8&ife=4&pv=2&ga_vid=549601185.1691169150&ga_sid=1691169150&ga_hid=559704480&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4293469109&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31076482%2C31076510%2C31076653&oid=2&pvsid=4015208259093804&tmod=890660671&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.1mnq6rtxkhxj&fsb=1&dtd=310

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0946 15 KB
12 KB 125ms
125ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

06ed0b0341cec53f29e7454ec614902e660efe7fabb9f98704fcac3a9cdf78aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 20F8 603 B
68 B 106ms
106ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1691169150&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149774&bpp=1&bdt=647&idt=294&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4596376478755&frm=8&ife=4&pv=1&ga_vid=549601185.1691169150&ga_sid=1691169150&ga_hid=559704480&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4293469109&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31076482%2C31076510%2C31076653&oid=2&pvsid=4015208259093804&tmod=890660671&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.vsp6m5z5o546&fsb=1&dtd=319

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1B2A 0
10 B 74ms
74ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fk70sg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0946 17 KB
6 KB 88ms
87ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 17:12:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C9A 13 KB
5 KB 76ms
74ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 11373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 14:02:57 GMT
expires: Sat, 03 Aug 2024 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 52BC 783 B
534 B 83ms
82ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

09daa3adc240d988914bc42491a77412cfda6b07da613b6eee1519a3581775eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YacUwjZaiD_NGZElFWTdoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-YacUwjZaiD_NGZElFWTdoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 17:12:30 GMT
expires: Fri, 04 Aug 2023 17:12:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C9A 37 KB
14 KB 70ms
70ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:24:27 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 52BC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/5669015b76def1486dc55f73fd09cc39.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/a8795b1c8283c2da1092400c03132974.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/47b4785ae5dbe1376c6a981fcc912b64.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/ef1e9d8df305b9d731fbaee4f616a438.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/31dc01deace2fb573ab131da79e03c54.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/496d9e83d8cded4e0d542712b842c788.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c13d6d48566c6add80fe31c36f1d57bd.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/febfe917bcfddf1bfd00eae2c282eeef.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8c7255c634d9706af2960a7a8a423145.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/bac3e767d003da913c2194edee25444a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/b1ae3f444005a5551ed1410ecaa0c87c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/5555b9c0911ca799cad33952c927d69b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/3f2377716ed3270df7cba415da9fe4be.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/d5707bbc4f730360f8335d105af04f8c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/348af84b9f7ae106950a40b9a84b4b32.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/0ff086c6ade89dda63ceb44011b3eeb2.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/1bb92eeebc023890f265970983bb45d8.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/d340763b00b3097579ffe124b8f07c4c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/61e6825057e9657f6df9f8c047bc1071.jpg?w=150&h=100&q=100

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=4015208259093804&rc=

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 22:31:45	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D26c7b1a3-9c21-420a-85f7-1a19099e0631-tuctbc6b6f4
.aralego.com/	1970-01-20 22:31:45	Name: sspid Value: 0a8e0d88-b13e-3e8c-a925-3bac0fcdc9ed
.www.bg3.co/	1970-01-20 14:29:21	Name: _im_vid Value: 01H70RJDCE0NAD6XREF7ZH5WDR
.quantserve.com/	1970-01-20 23:16:23	Name: mc Value: 64cd3177-74e78-fdfea-61104
.bg3.co/	1970-01-20 23:10:37	Name: __qca Value: P0-321199452-1691169141776
.bg3.co/	1970-01-20 23:22:09	Name: _ga Value: GA1.1.904049928.1691169144
.bg3.co/	1970-01-20 23:22:09	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1691169144.1.0.1691169144.0.0.0
.doubleclick.net/	1970-01-20 23:07:45	Name: IDE Value: AHWqTUmAq2mmhEDgXozCIt5lBTdgCFKRqS8-CdEsmt-Vo_lkx_KnDmyZCYFJhcDtWNQ
.bg3.co/	1970-01-20 23:07:45	Name: __gads Value: ID=d2e871ecbdd72c19-22d17fe746de0099:T=1691169145:RT=1691169145:S=ALNI_MZDkayLKDEj3crTUyRs7_vB64CMpg
.bg3.co/	1970-01-20 23:07:45	Name: __gpi Value: UID=00000c4c1e38cfb6:T=1691169145:RT=1691169145:S=ALNI_MZgWBpvcs0BoVkW0lbbQmaEMy2MVA
.aralego.com/	1970-01-20 22:31:45	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:31:45	Name: gdpr Value: 1

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/febfe917bcfddf1bfd00eae2c282eeef.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/a8795b1c8283c2da1092400c03132974.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/5669015b76def1486dc55f73fd09cc39.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/ef1e9d8df305b9d731fbaee4f616a438.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/c13d6d48566c6add80fe31c36f1d57bd.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/47b4785ae5dbe1376c6a981fcc912b64.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/31dc01deace2fb573ab131da79e03c54.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/496d9e83d8cded4e0d542712b842c788.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/bac3e767d003da913c2194edee25444a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8c7255c634d9706af2960a7a8a423145.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/b1ae3f444005a5551ed1410ecaa0c87c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/5555b9c0911ca799cad33952c927d69b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/3f2377716ed3270df7cba415da9fe4be.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/1bb92eeebc023890f265970983bb45d8.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/d5707bbc4f730360f8335d105af04f8c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/348af84b9f7ae106950a40b9a84b4b32.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/d340763b00b3097579ffe124b8f07c4c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/0ff086c6ade89dda63ceb44011b3eeb2.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/61e6825057e9657f6df9f8c047bc1071.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvZHVhbi13dS1xdWFuLXRhaS1iaWFvLWdhby13ZW4temhvbmcteWktc2hpLWppYW8temktemhpLWx1by1zaGVuLXd1LW1laS16aGktZmFuZy13ZW4tYmFvLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1691169149&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149249&bpp=4&bdt=423&idt=281&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=3048876141831&frm=8&ife=4&pv=2&ga_vid=501774154.1691169150&ga_sid=1691169150&ga_hid=355623248&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3696207329&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076469%2C31076087%2C31076482%2C31076510%2C31076696%2C44796632%2C21065725&oid=2&pvsid=2125168025372113&tmod=834266751&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ukmzwrsgrcrf&fsb=1&dtd=309 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1691169149&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149249&bpp=1&bdt=423&idt=294&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3048876141831&frm=8&ife=4&pv=1&ga_vid=501774154.1691169150&ga_sid=1691169150&ga_hid=355623248&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3696207329&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31076469%2C31076087%2C31076482%2C31076510%2C31076696%2C44796632%2C21065725&oid=2&pvsid=2125168025372113&tmod=834266751&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.p3g3epcbfu54&fsb=1&dtd=315 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1691169150&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149774&bpp=4&bdt=648&idt=286&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&nras=1&correlator=4596376478755&frm=8&ife=4&pv=2&ga_vid=549601185.1691169150&ga_sid=1691169150&ga_hid=559704480&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4293469109&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31076482%2C31076510%2C31076653&oid=2&pvsid=4015208259093804&tmod=890660671&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.1mnq6rtxkhxj&fsb=1&dtd=310 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1691169150&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691169149774&bpp=1&bdt=647&idt=294&shv=r20230802&mjsv=m202307310102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4596376478755&frm=8&ife=4&pv=1&ga_vid=549601185.1691169150&ga_sid=1691169150&ga_hid=559704480&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4293469109&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C31076482%2C31076510%2C31076653&oid=2&pvsid=4015208259093804&tmod=890660671&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.vsp6m5z5o546&fsb=1&dtd=319 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11334f4278a8ff2c7e69546956f6b87b.safeframe.googlesyndication.com
1c7d22732f601ceaebaa5f7bcfab7701.safeframe.googlesyndication.com
35189559557f5bf1ceb52f857ccaacc9.safeframe.googlesyndication.com
78d57b2749e1b63f643b7a4d91179f4c.safeframe.googlesyndication.com
ad.doubleclick.net
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
code.jquery.com
d-509506171156017602.ampproject.net
delivery.adrecover.com
dmp.im-apps.net
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rules.quantcount.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
static.bg3.co
103.231.174.251
104.26.5.103
108.138.7.45
141.226.224.32
141.226.228.48
142.250.181.227
142.250.181.228
142.250.184.193
142.250.184.206
142.250.185.129
142.250.185.130
142.250.185.65
142.250.185.98
142.250.186.106
142.250.186.166
142.250.186.168
15.197.193.217
151.101.129.44
151.101.65.44
162.210.196.208
172.217.16.194
172.64.165.28
173.194.76.156
178.250.1.11
18.66.97.113
18.66.97.30
185.106.33.48
188.125.72.139
192.96.203.13
193.108.153.15
193.108.153.25
216.239.34.36
23.212.211.47
23.52.120.246
23.53.42.112
23.97.225.52
3.233.145.253
3.71.149.231
34.120.96.193
35.186.215.140
52.193.39.238
54.150.78.24
69.16.175.42
69.173.144.165
8.43.72.98
87.248.100.137
87.248.119.251
91.228.74.168
99.81.196.90
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
034962ddeae5ea3ed4a6fa71d447fd8d7930932b4d261adc6bebe0684de50d5a
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
05afbee7b4263debad8d14f0561fc504bbbe72f3ec94db0f4862184c6bf7b467
06ed0b0341cec53f29e7454ec614902e660efe7fabb9f98704fcac3a9cdf78aa
09a4ef2558984df29baac1e2acc4457e97bc009720d358dc286b1378a0b974d4
09daa3adc240d988914bc42491a77412cfda6b07da613b6eee1519a3581775eb
0aa1a7f676b23d03e0df14306ac0cf191b16fe6eb240c81ee615ed7064572b1b
0bffce50718daacd5378e66b758eae28e09294d0d99b0487f9ce3c1fa2355c7b
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0eacb36e592ebbbdc67268179d0bc1bef5b2eb1c757b864cdda3e1b30d8fd0e3
0ec5ace121f7727ccd221d4adb01c8941df620d0b51d9afe96ce93aa876c16d3
11d9c87ac54dd2f5e599d2fd5867c6584a87cfe6316cef2ab47e0b4f6692eca5
120d6f4483a00a7bccde9737c262e1085fb41e91ac401ec44ec4faf16ecceab6
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
154a2f0f318e2d44b7778a901839efc838ad12026fbdb1f1a129d0ed36073826
157b8bb7984f0dd91daaa945a1d12bdaf6046c8e8bf13c490ccf0b73142e533a
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
195251f734458153a0d5d070fc3439725d825ecea5bf2d10e2200f54072c36ca
19ec9e9ee779972eb64570ce00c0b9c5a0bf49657dbd51e8a0fe72794ba31b80
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1efed0c7163581bb91f6d4a69bf7d39f7dfc0ebfc116b7efa0c6c916ba8d8abe
20357dd8f8e2f2fc9809ad30ed7c543ecdc583534e5557e682179cfb670a50e9
217147e67716b6d334a88a1d8455195b1d4c9c67fda345d243f840b5d92b1f6d
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27df41a622e2878aa94077bc3feacce6960f86d938d28032b33482c6964effea
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2a486f068fd4a11e0723f0e4e69f6b6347024bb450c1291fbcf099198341a4c7
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e25a92cc340297a6bcec3392bb7ef2855214f390761f6e657d7c8520c11bad4
2e2d3670e84d3730bf7b19487a95bc3d6bf0e8872f32627db5be230b6d200deb
30b91fe0ebe640f65543279d5d1b5101b1eac5e1a1ee8f1fc667a9fe883c99e3
315ead22f704f0a6038be8ed3e7b38f61fc629774f111768436786918603a375
33a6bceccdad3831c446c41d3f3eccf4753b5646b9205cda82960bb4dcd2249a
380ec1ac30521052c2a7710df0aa8aabd7aa22698c10e95f90cbcb08747523dc
3973cb55df9a5b6cb4455c50724a1bd7085b4ef8b1006996def9d92436c4e732
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3bcc3df6ece99347a638e512781664246627b2d45577c690d36edb4d086ada41
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
416d41814bdf1fab558cf69d129a8b84c4d04fc6d2d80b502b70af1e62313526
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
483c9a1ce13fa92848c0ab2a36a6945db7e76a382350ac50ceedd15f72664b93
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b35f26590a665d1dc3c5e292024c7b6a440412047d107beb279e0f47a72ba9e
4c4244b644065bcbd991b01a28f1225268d7d04877da99f2e22d166f754fea4d
4c46f93412d048468845a6eb11c9f23c40f44a8ff55126d664cfc16d6d24461a
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
509adc2893bd24e3343afcd618ce812b7052eaa89f037102645735e7be82199b
513ccfc5bf57f682dc2c37e4efa4b93a26a41301f3232fba6f81d130e75893a0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565896a01464af442be850094313da8c3649d818eb2a55dc1f4974d8ea78ec2b
597ed7e46060dfafc51820d3b64f2e8554748c50e6aac55629147577108d1e77
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5a4e8caf3ca122765f9b2fecbf25aea060173a680e9f55fc813086d68043ace4
5c1efc5c31d5df38cb21a4b7fc4782beda60219921fae3e1e0993b22eaad21d6
5e6bd9cf799ddb4e4867ebbd8eda5ebb6de73f8a2adb0e7f01e238cd4e566cfd
6089e512a489f92e9045933bb053989318e87690a158010a09b312a39e815b1e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
646fbc76d09264de50e9cbc8793b60e31e670bd7c21e4a7ddd3d15612d1b113a
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
693cbe4a82f4d6e12b706886d70d2314ce00e33fa806ae0ad13f91979359aaf2
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6bf122b7054e352794e08cd127c0c3fe32ecc2a258bde31001745898fbef7cce
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6ecae130ef7b35b2a5cd4dba747c7aa83265177bff7516e886f830f3fdd19048
7580769c2e7a0b58d59bcc88ad94ec4baaf22e55156ab7ed774f936f7006470e
78637d8a0d7809148efe84bbe2ba7bb712860fe6f5eeba55e0e442c220dc8841
78a1248cc677388d2de7837843c078d32bc93583a85a1fc09d4f282505993dc0
7aabf43feb1a7fc3ab72a0e668ed7a2270a372e6302e3d9c597276da6688b669
7aeb79f60a16395b0f980556f6421e611710f447efd99ad7072d88eb4cb5f94d
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7ffbe5583cf47c97fcc2bd8a93130c8541e11eeb392ed520a9ad409f661cae5f
813259c2c1f1d3b42d9a6749d793fcc4d9cdf352160fb907c41a0e71c2de0b9c
8263c07c7bd18b05b6059db16e81939938b5b84d3d9b6fa5f3b97c99814af0ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85d03b0d4b287b6ea845f184f4f5c43e28b40ef9c0b40745076304ab6249835d
8684d4cd3763acff0e888bd8289000be3450f09339bacd791b9fee7c186aace4
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87e3e0ccc48a8f7a610124ffa62b5dc594e72992ed47ea6aeb08abe023f840f7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc6aa216221bd58ce414a8529de0b8786f35903fbdb3c266f605c9f7b625029
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
923a7b663f0ae75798ba3f713e3f828f1345d152aeb27931de3547d6764639cf
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96d79bc76089c234d4f0c629880ed645c629c4333475512373b0bf28b8006d88
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a483647e3045f6f8835b3cba32fde7c4a51d45be87661f5b74a0a4277e6af7fb
a4d717e4a3db30d082da88e16c3e4a17f62f27efcd2a23d1a4e36de8011981dc
a6a2120231b3e4a81bdb366c9b4dfd39a71a4b1b73e08dcd69454edee5bf8128
a6e8e4c536dfe7cf4bd670b8f3116ca672fe9be099bff54e5dadbb5414f777da
a714d7406f828cec4fec992c4c04936b38b69a21c812aff9ec9b17e9d8a9b37d
a76fd1ee7cb0f61c064d0021a2557e94e1640e7d364be1dea867d47bb86b2497
a779ab83385d29ca5af6d530bf4b102161c6eae2099a9e52102dadace5dd170c
ac4a5d4f7704bfabd97126241009d730d156e68859c8bd7d0db1f049acc39e95
ac85532d5264d1bc192c6ce351723f8b28d9ea1dc17f36476ddd18d6bce9708b
af30b70f76e35c1125a616c9bc21c4d072445c4400ce5ebf32a0a986a1a85105
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1db8c2eb00df0f7255c85a29e5d7c6611a08eb42abcee3c2a54611c695b94cb
b3a9c149699ea45083ba8c1ce7aca0d5838542a4a60122ae2ecd7ff036dcfa2a
b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5
b458a68796fcaa7ef6ac071d2dedd3ad43eba0bde424e6f508485c29957f0115
ba11cd0415f6281dec2b761fa98101a2935825886c4f53bcae5f19a11adb3e04
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc8eb6aa508fc38cc82f97aba66d664d8e1d95ff882e32282b1af697efaac599
bd1b19489071017c2ce83adf237e53e22d3bb6499b9cb6b42dcfd5affa2b21e4
bd2454c341f99f870bd9592ee154317e58041608f22d17f0eec37b0e79df4237
be1e74c1b5359991d1809967d6a3bddaed43055482e5e42b4c0cf324177dcf3c
bec100a88725b8aa87c85af62b54a24314255cf4f2f9a40eb49a5f4606b37fd9
c09affbaef88c48f2f3b81d4fa484dafd1eead6f338f46b2628efd33f9b935ee
c1fb3ad085511d9016333bd9b9ea1003f647bfd3f2ac9742a15528d2672c5537
c22797992dd1d24b0a0ca26c91d8db543627e90afcc35db9e65416373888359b
c3b841038d3e92059d020f8e07ac081fe3e75b5d274f88107475158bd05a834d
c7352121c9901b9bb901729e8a60ad521d0ed3ddfd4608b9b0fc770cd8936a9e
cb9dd22556b4a3bd6057149c52258c6655dfbbcba11354932255cd87f1c56ba7
cba353b989f22df27f12a51ac2c35ef7f827f7f49ceb136c67e4ecb4bde51fb2
d1edf98e593af19e400f986660768e2d2193c33d9323b3681daa4618e85f997a
d5aad0b244a5dd756f46d9592b6fa0447daeb76ff356598313ac16d0c09e2073
d69abf812ddb98efedf66c8e74622ccdf1e86e89be2c6f0fe695afa7d83d182b
d7f0ca611609131b70dd42063c316f892453180e458e0c47d3f790b342ce0587
db679fb04f86d00555bbdf7cc64d3f537339a48fbbefb4f0cbb43ab0c644b798
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e14941f98b09b1dd6d67f0ac493b1b4d8720ed099108c25e9c1b30035960deae
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ba3e186684aeed8fc1c5cd72819d082be46ad07d72beeacc81919b7cf0cd33
e5d99b254acc8426c73ddc2152ef6baae86dbe35edc045fd6eb083cddafc9927
ea0582ce49d6dbdd7b502b7841b2ac14ea6a13a357256cdf9ed591dfa3a2aaca
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15d1da35a5073aab6a779576fb5ebe546446be9206fa3ffc6db14011f823374
f21b0f9369de836b1581d311faaf2214f867226cd8928531095dd058bb60439a
f2f5920a47191f701209e680038156ba5e0c93641aa241e8b609ce461af6d5d3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff5db27b3460f352d33d9dd07e320c709bf39c0fc3f68b83b7fa2c8ad44c6565

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

324 Requests

92 %HTTPS

0 %IPv6

31 Domains

66 Subdomains

49 IPs

9 Countries

4524 kBTransfer

12639 kBSize

12 Cookies

36 Outgoing links

Redirected requests

324 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

324
Requests

92 %
HTTPS

0 %
IPv6

31
Domains

66
Subdomains

49
IPs

9
Countries

4524 kB
Transfer

12639 kB
Size

12
Cookies

324 HTTP transactions
3 data transactions