www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Submission: On July 21 via manual (July 21st 2023, 7:58:56 pm UTC) from US — Scanned from PT

Summary HTTP 291 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 59 IPs in 10 countries across 42 domains to perform 291 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
3 7	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
8	172.67.71.254 172.67.71.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.19.126.145 2.19.126.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.53.40.162 23.53.40.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
43	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	13.114.150.222 13.114.150.222	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
37	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	172.64.203.13 172.64.203.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	216.58.212.168 216.58.212.168	15169 (GOOGLE) (GOOGLE)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
3 3	2.19.70.117 2.19.70.117	16625 (AKAMAI-AS) (AKAMAI-AS)
10	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
2	2.23.209.46 2.23.209.46	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.45 108.138.7.45	16509 (AMAZON-02) (AMAZON-02)
2	91.228.74.166 91.228.74.166	16509 (AMAZON-02) (AMAZON-02)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 4	52.212.161.120 52.212.161.120	16509 (AMAZON-02) (AMAZON-02)
1	18.193.178.232 18.193.178.232	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	99.84.88.111 99.84.88.111	16509 (AMAZON-02) (AMAZON-02)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
2	52.192.246.101 52.192.246.101	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	99.86.91.52 99.86.91.52	16509 (AMAZON-02) (AMAZON-02)
19	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
6	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.233.145.162 3.233.145.162	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
4 12	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
2	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	108.138.36.83 108.138.36.83	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	88.99.65.215 88.99.65.215	24940 (HETZNER-AS) (HETZNER-AS)
1	87.248.119.251 87.248.119.251	203220 (YAHOO-DEB) (YAHOO-DEB)
1	87.248.100.137 87.248.100.137	() ()
1	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
291	59

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.96.203.13 (Manassas, United States) 3 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.126.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-145.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.53.40.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-40-162.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.114.150.222 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-150-222.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

d-190438802479474407.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.203.13 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.70.117 (Glattbrugg, Switzerland) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-70-117.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.209.46 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-46.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-45.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.161.120 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-161-120.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.178.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-178-232.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-111.muc50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

ac407007446ee6ffd2bdacc63df868fa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
64059a5cb5e839c3f5867792d753ef94.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6aa81ab3a1192fab318e5b95e9976245.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.192.246.101 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-246-101.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.91.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-52.cdg50.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.145.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-162.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.212.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.149 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal90009.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.91 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.83 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-83.muc50.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.119.251 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.100.137 (None, )

ASN- ()

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 848 trc.taboola.com — Cisco Umbrella Rank: 608 vidstat.taboola.com — Cisco Umbrella Rank: 2612 il-trc-events.taboola.com — Cisco Umbrella Rank: 19408 images.taboola.com — Cisco Umbrella Rank: 1818 imprammp.taboola.com — Cisco Umbrella Rank: 12804 am-match.taboola.com — Cisco Umbrella Rank: 12807 wf.taboola.com — Cisco Umbrella Rank: 2751 am-vid-events.taboola.com — Cisco Umbrella Rank: 12146 vidstatb.taboola.com — Cisco Umbrella Rank: 4890 pips.taboola.com — Cisco Umbrella Rank: 1561 cds.taboola.com — Cisco Umbrella Rank: 1767 am-wf.taboola.com	2 MB
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 ac407007446ee6ffd2bdacc63df868fa.safeframe.googlesyndication.com 64059a5cb5e839c3f5867792d753ef94.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153 6aa81ab3a1192fab318e5b95e9976245.safeframe.googlesyndication.com	755 KB
31	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	642 KB
20	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1142 eus.rubiconproject.com — Cisco Umbrella Rank: 631 token.rubiconproject.com — Cisco Umbrella Rank: 626 pixel.rubiconproject.com — Cisco Umbrella Rank: 382 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1196	58 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 395	219 KB
10	google.com adservice.google.com — Cisco Umbrella Rank: 117 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1723 www.google.com — Cisco Umbrella Rank: 3	13 KB
10	aralego.com 3 redirects ads.aralego.com — Cisco Umbrella Rank: 37209 sync.aralego.com — Cisco Umbrella Rank: 3052 agent.aralego.com — Cisco Umbrella Rank: 288707	7 KB
8	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13341	123 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 16991 e3.adpushup.com — Cisco Umbrella Rank: 18137	275 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41343 hal90009.redintelligence.net — Cisco Umbrella Rank: 343754	10 KB
6	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461 ads.yap.yahoo.com geo.yahoo.com — Cisco Umbrella Rank: 1379	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56 region1.google-analytics.com — Cisco Umbrella Rank: 1771	887 B
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	793 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 69708 sync.logly.co.jp — Cisco Umbrella Rank: 74897	2 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26526 audiencedata.im-apps.net — Cisco Umbrella Rank: 28958	3 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1328	448 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 405	955 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 728	1 KB
2	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 103260	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	113 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1150	917 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1226 pixel.quantserve.com — Cisco Umbrella Rank: 919	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	83 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 710	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 27494	12 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 572	30 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 83604	77 KB
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7638	620 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 784	335 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 789	443 B
1	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10921	253 B
1	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 555486	867 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1160	634 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 346	146 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 19539	3 KB
1	ampproject.net d-190438802479474407.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 425	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 107113	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	13 KB
291	42

	Domain	Requested by
37	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net www.bg3.co www.googletagservices.com agent.aralego.com
20	images.taboola.com	www.bg3.co
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.bg3.co
17	il-trc-events.taboola.com	www.bg3.co
13	securepubads.g.doubleclick.net	cdn.adpushup.com cdn.aralego.net securepubads.g.doubleclick.net agent.aralego.com www.bg3.co www.googletagservices.com
12	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
12	cdn.taboola.com	www.bg3.co cdn.taboola.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	eus.rubiconproject.com	ads.aralego.com am-match.taboola.com nt.compass-fit.jp eus.rubiconproject.com
8	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
6	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
5	hal90009.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90009.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	token.rubiconproject.com	eus.rubiconproject.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
5	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
4	pr-bh.ybp.yahoo.com	1 redirects imprammp.taboola.com am-match.taboola.com
4	www.google-analytics.com	cdn.ampproject.org www.bg3.co
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	adservice.google.com	cdn.ampproject.org pagead2.googlesyndication.com
3	sync.aralego.com	ads.aralego.com www.bg3.co
3	trc.taboola.com	cdn.taboola.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	ap.lijit.com	2 redirects
2	agent.aralego.com	2 redirects
2	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagservices.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	am-wf.taboola.com	vidstat.taboola.com
1	geo.yahoo.com	adx.holmesmind.com
1	ads.yap.yahoo.com	s.yimg.com
1	s.yimg.com	ad.sitemaji.com
1	6aa81ab3a1192fab318e5b95e9976245.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.contentspread.net	hal90009.redintelligence.net
1	ius.ctnsnet.com	1 redirects
1	onetag-sys.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	http-intake.logs.datadoghq.com	cdn.adpushup.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	pixel.rubiconproject.com	eus.rubiconproject.com
1	vidstatb.taboola.com	www.bg3.co
1	pixel.quantserve.com	www.bg3.co
1	adx.holmesmind.com	pagead2.googlesyndication.com
1	64059a5cb5e839c3f5867792d753ef94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ac407007446ee6ffd2bdacc63df868fa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	audiencedata.im-apps.net	dmp.im-apps.net
1	rules.quantcount.com	secure.quantserve.com
1	x.bidswitch.net	imprammp.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	secure.quantserve.com	cdn.adpushup.com
1	l.logly.co.jp	nt.compass-fit.jp
1	stats.g.doubleclick.net	cdn.ampproject.org
1	fonts.googleapis.com	cdn.taboola.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-190438802479474407.ampproject.net	cdn.ampproject.org
1	gum.criteo.com	cdn.taboola.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
291	78

This site contains links to these domains. Also see Links.

Domain
1t5cbr.llsdzktnxwnnr.com
popup.taboola.com
2ab710.zbrjtstrclnm.com
pjbmu.com
mrwvhw.dmtrlsng.com
trck.tracking505.com
www.conselhosetruques.com
trk.go-aas.com
trcclick.com
lifehack-app.com
5e3994.llsdzktnxwnnr.com
4d3868.llsdzktnxwnnr.com
n33w2m.llsdzktnxwnnr.com
luxurysuvpt.space
987b52.llsdzktnxwnnr.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
contentspread.net R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 37 frames:

Primary Page: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Frame ID: 0F20F6D449B7654CA3BDCA027F13005A
Requests: 146 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2EBEE7A8989F417AA0FBD8BC953A53C9
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5C7D545EBA31464E60DAE85F03BF5E41
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 4B3138488F3B059879467791E14C1FEC
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 75A701EF78D5F47636D881D17A97CCB2
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: AC1CEBF4E324475CF3B9A74FF8D41C65
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: FC3B67821FB76EE82C50CE936D93271E
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1689969528925&uv=3305&tms=1689969528925&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ed9d99e5-0c60-4c6e-b5ee-39e0871098f8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: FB1F557D6758D8FAACA4D315312BF812
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 12DA75748F617392E64613BF13649640
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 37CD9FB1D627FB2A219E822FF5C26AA1
Requests: 4 HTTP requests in this frame

Frame: https://ac407007446ee6ffd2bdacc63df868fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3C531858C34D27D648DFEE9A26F02ECD
Requests: 1 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 8E877063F3BB1A128FA7B9A2369206B6
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 75F8AA5B7DD72EF7CEAC1403AD2FC890
Requests: 3 HTTP requests in this frame

Frame: https://64059a5cb5e839c3f5867792d753ef94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 74D6EAA61B96B826D19ADB207789E9AF
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 70FFA01AAD88F0E0F7C8443DA137173E
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 27F599ED728684F3039354D393832348
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586
Frame ID: B0C5E4F8057F04DDF06766FF58AD886E
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: A163478BE266CE70B2A0A0CB78A0F134
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49AF33375226DA1DCEB11DCC2E0DB57F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 221364E2A30A65C8C0658DB7036CCEB7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C0DC18DADA800249671AA7C87EC8CCAE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96FD446DEFE64B51283AD7DA954B5711
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2FFF3137E4E5854A3DE2812EEF4FAE7A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B3D95D09AEC172A2EC66B248AB55B7F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C14F018D313EFFCE76A50AC81CD76BD0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11DD489AD65A1BC9EE235C4A5743EC19
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjFsNDGATAB&v=APEucNW1Pblamq-mcPZT2ABoQZSF295pipYPgKkmgVBujX7KOiFkOxtGDyelRwaXehfqKINsoaE-9kQwLGPFWxzV1g-KdBNzTHQI58s-AzyAddAviwaUcrTnR0MZVYLn6xY9rFV3f85CxLwyuEthwPiMykuhFlrgXi-Vb5ZFQxbEJEa3nQrFOGs
Frame ID: 228F782311AE33D6575BCAD87AB020B3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2828471B74325D11E19CC911717C4A19
Requests: 3 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=92955200141994004452126012392009&a=369a7da3
Frame ID: 314BD2ABB2F81EF850CB1604ACE97AC5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0BC2F08CEE3966CE898AF5F501119B8D
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: ED5B70F67E976362BBC6BFA9CA861D3F
Requests: 6 HTTP requests in this frame

Frame: https://6aa81ab3a1192fab318e5b95e9976245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 0335868F2495B20BB4DEB284A84A4CB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 389B44119831C9B5DD634BB3CB8DFBEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5848D25CF83476617744FAEBBB83B7D0
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu45zw1Hx0UvniI1jVHwlEQAk8VSG4te9uSssnP4SQ1gNppl3LXUaEBXx-KYCJ1v8wGVpVqozChqcvFLOa4oYIUW5-rOLW4Ad9ec_UNlGQWN0ug1EdHV98UfZCj9Cw5PewswxrPgpbNXbk8zY3pxj2bWr5xcs9xZnSUyrf2WLYp4DgZ5We1Ykybpy4o8R--eXK5_oyrvr132fMZyToDR3VsMHOAL8q9lykfPHouBGyFJ2DXLVjxwKa5jHMIEM68-EVM7WwGmbkWo46g0zePO8Ir3wXFDRUR5F_fi4mGm6waBYIR5u1BgRvq3YCKXSOmQ_FI49BPjY6C80nRjSU&sai=AMfl-YSn_VM7oKzZqu5uv2wFNEu4MSVpHUq0AWnYDVN-scoiOToonvjO63-TkuQ9xK80MPd6_ONKkiRBthduZ3tYaCgObykQarP_ZwYccg&sig=Cg0ArKJSzJJaT-6gLSeiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 63E80338A93AA4C974D5C0FFB3775CC2
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 912F8B8EE59258E6592D77A51CB9CDD9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: 6365E4A719D63244F546851ACA132391
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

海南三亞：海灘人頭攢動 - 天天要聞

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

291
Requests

87 %
HTTPS

0 %
IPv6

42
Domains

78
Subdomains

59
IPs

10
Countries

4277 kB
Transfer

11418 kB
Size

23
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://1t5cbr.llsdzktnxwnnr.com/
Title: Carros elétricos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://2ab710.zbrjtstrclnm.com/
Title: Liquidação de sofás | Links patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://pjbmu.com/go/5d2cc1e9-c27e-4eb4-bd6c-345831b3435e
Title: Carro elétrico para idosos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://mrwvhw.dmtrlsng.com/
Title: Carros à Venda | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/48d250ec-68bc-41ff-9b5c-4a7c557de798
Title: Limpeza de esgotos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/varios/dedos-personalidade/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://trk.go-aas.com/sea
Title: SUVs | Links patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trcclick.com/click.php
Title: Elevador de Escada | Anúncios de Pesquisa

Search URL Search Domain Scan URL

URL: https://lifehack-app.com/pt/
Title: lifehack

Search URL Search Domain Scan URL

URL: https://5e3994.llsdzktnxwnnr.com/
Title: Residência Sênior | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://4d3868.llsdzktnxwnnr.com/
Title: Elevador de escada | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://n33w2m.llsdzktnxwnnr.com/
Title: Anti-envelhecimento | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://luxurysuvpt.space/
Title: SUV Ofertas | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://987b52.llsdzktnxwnnr.com/
Title: Camas inteligentes | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/saude/primeiros-sinais-alzheimer/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 102

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 105

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 150

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 156

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529052&bpp=16&bdt=977&idt=323&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=2&ga_vid=703922537.1689969529&ga_sid=1689969529&ga_hid=1598833618&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=1120242121&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076159%2C44788441&oid=2&pvsid=1869000484982865&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jq47hmdgoib&fsb=1&dtd=346 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1&C=1

Request Chain 222

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLrjfZXpwGFPe29KjMfCUAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK9QKwaJr-icsTZHoCDwkhs&google_cver=1

Request Chain 224

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY0Mzk2Mzg4OTQxMDUwMzM5Mw%3D%3D

Request Chain 241

https://hal90009.redintelligence.net/request.php?zone=fq676ms9mj7a&nw=20&renderingType=javascript&namespace=c4f4803217&subid=&uid=4f251acb3c8f6e09&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5VcNeeO6ZPCHOdGdiQOM7arACJ7ZlqFp6auh-9sP8C4QASDSzIEaYO383YWsG8gBCakCyB5BCYOlsj6oAwHIA5sEqgThAU_QC_SdUf54i0eVqZmyqKI5UiJsj31NHjV1bDnqdejPhFCPSkal12KKuQF_9LDv6M6A_KajLjS45AQPpBES4yaqUu-kbllnWmjeTsXqmEs7_6q2o1VM4nmI2IAPWr2Pd7ao2OttufGL-tb-tYH6rTx4KAjwlINCj0uOBbIq2gahbIU4N6L8nWZXDtKGG1dJc31yUdN0hXd-XWE-KLxZxZeGzZLfltRz6GDtAaTmp9Psm58psgLRhCDU_-KgMthDlr-_NpPBTv5TwZR9Gd5hGzjIKqPaobTSbxfF_DS3BAYAxMAE1_WW0vMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE%26sig%3DAOD64_0RADwPz8eo19-Gx3X0PwkOo3wGkw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Bms_u8whGpFqiGCPNK6eohENoM4xHEVEe3A1J_ROgXMBVtg7__m8ZTzDTwuih6-ReCw3g5Z5MdPfP0RjlDrqozgUxs3ucNybq808Tys-dikuUYNUimZzKOEh_xinzL5bWUvL1FNYEbm6kevOp7JV7EJSXVXdQS8sz5r2kFrRkOmVESy-Q%26cry%3D1%26dbm_d%3DAKAmf-CmRdI2YoES5kqqR6OTlHeRuiBfwOgs2VH0Us8Ae659aghDcNWoZNjboohfE-WC5lMLDO5F-7l9yGPBIB--Id2EmbYHIpG0XKS-p_tz6E9Q2Bs5TAC8VvmiM5aEaiqMSJa8AWo0qY20hVlp4OFyH4iYSus8o-gmfT1DfJdgC32EIjG5GyVX88xY4bK0cfhf_jj9OLqmposilZpftUVqUco0M-GXTqNSeOk9ya-66O0rz-ccP4hx1lj3qYI5VQqJBZxfew4te3G7XuV8GRZXo0Uwfu47JRJWWKeQJOer6i6z7SI2WKOLZCK6OLqgZAI_O2ZPspioaHaDsLSYSdXqOSgKl1mpAUnSCApz3G6r5v_WOJNZutwC-_5S0dikWW7nOICeM3k5vjSOJI2E7aJcKUM2boIDwSeYv6Ns8piexH6LkvaUj02aoNfjzT2KfSiwGeGOcMRTEG51XG786XHU9y41Hch78VyvKyykoBrIO8t1LWv79cejigrHbJ3UUW70yBAjc2WLImpbQqKP6O1x9yWNRQ9DYGK2bqmqDCiT6lGs90eM7CVRpYgZE_ccodiV9iOwEa5qH49Jf4BEqVGXvEwamNnjoCrYEsL6TUKWSXYRbnhwwJQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6984843218241&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90009.redintelligence.net/request.php?zone=fq676ms9mj7a&nw=20&renderingType=javascript&namespace=c4f4803217&subid=&uid=4f251acb3c8f6e09&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5VcNeeO6ZPCHOdGdiQOM7arACJ7ZlqFp6auh-9sP8C4QASDSzIEaYO383YWsG8gBCakCyB5BCYOlsj6oAwHIA5sEqgThAU_QC_SdUf54i0eVqZmyqKI5UiJsj31NHjV1bDnqdejPhFCPSkal12KKuQF_9LDv6M6A_KajLjS45AQPpBES4yaqUu-kbllnWmjeTsXqmEs7_6q2o1VM4nmI2IAPWr2Pd7ao2OttufGL-tb-tYH6rTx4KAjwlINCj0uOBbIq2gahbIU4N6L8nWZXDtKGG1dJc31yUdN0hXd-XWE-KLxZxZeGzZLfltRz6GDtAaTmp9Psm58psgLRhCDU_-KgMthDlr-_NpPBTv5TwZR9Gd5hGzjIKqPaobTSbxfF_DS3BAYAxMAE1_WW0vMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE%26sig%3DAOD64_0RADwPz8eo19-Gx3X0PwkOo3wGkw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Bms_u8whGpFqiGCPNK6eohENoM4xHEVEe3A1J_ROgXMBVtg7__m8ZTzDTwuih6-ReCw3g5Z5MdPfP0RjlDrqozgUxs3ucNybq808Tys-dikuUYNUimZzKOEh_xinzL5bWUvL1FNYEbm6kevOp7JV7EJSXVXdQS8sz5r2kFrRkOmVESy-Q%26cry%3D1%26dbm_d%3DAKAmf-CmRdI2YoES5kqqR6OTlHeRuiBfwOgs2VH0Us8Ae659aghDcNWoZNjboohfE-WC5lMLDO5F-7l9yGPBIB--Id2EmbYHIpG0XKS-p_tz6E9Q2Bs5TAC8VvmiM5aEaiqMSJa8AWo0qY20hVlp4OFyH4iYSus8o-gmfT1DfJdgC32EIjG5GyVX88xY4bK0cfhf_jj9OLqmposilZpftUVqUco0M-GXTqNSeOk9ya-66O0rz-ccP4hx1lj3qYI5VQqJBZxfew4te3G7XuV8GRZXo0Uwfu47JRJWWKeQJOer6i6z7SI2WKOLZCK6OLqgZAI_O2ZPspioaHaDsLSYSdXqOSgKl1mpAUnSCApz3G6r5v_WOJNZutwC-_5S0dikWW7nOICeM3k5vjSOJI2E7aJcKUM2boIDwSeYv6Ns8piexH6LkvaUj02aoNfjzT2KfSiwGeGOcMRTEG51XG786XHU9y41Hch78VyvKyykoBrIO8t1LWv79cejigrHbJ3UUW70yBAjc2WLImpbQqKP6O1x9yWNRQ9DYGK2bqmqDCiT6lGs90eM7CVRpYgZE_ccodiV9iOwEa5qH49Jf4BEqVGXvEwamNnjoCrYEsL6TUKWSXYRbnhwwJQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6984843218241&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 243

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 248

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGM2yYWeB2lq6pzL9G3eCW8&google_cver=1&google_push=AaAOQGEvakmAIQQmrfAI4o0_CPkc7hHpZcPWt7rOrz0keaYpZD1vZtSvSLs6DbRTDYnZxHWB9mLztR9iIZKLdKf9jHTLrw0RTcA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEvakmAIQQmrfAI4o0_CPkc7hHpZcPWt7rOrz0keaYpZD1vZtSvSLs6DbRTDYnZxHWB9mLztR9iIZKLdKf9jHTLrw0RTcA&google_hm=eS1wdGhwbURoRTJwSE91aFZISksuUEJXRDFBZUlDTWNXU35B

Request Chain 249

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEnNnX7s1uAjBpY5WL6cPwE&google_cver=1&google_push=AaAOQGECcBAUV-jcShuj1c4g2A7w7NN-3_Q580JJgp_mpoUelrFRoxC3kTqpb0tZp5mDjCXltjbABvqRIupEqJ4EZpqydoRwpg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEnNnX7s1uAjBpY5WL6cPwE&google_cver=1&google_push=AaAOQGECcBAUV-jcShuj1c4g2A7w7NN-3_Q580JJgp_mpoUelrFRoxC3kTqpb0tZp5mDjCXltjbABvqRIupEqJ4EZpqydoRwpg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGECcBAUV-jcShuj1c4g2A7w7NN-3_Q580JJgp_mpoUelrFRoxC3kTqpb0tZp5mDjCXltjbABvqRIupEqJ4EZpqydoRwpg&google_hm=HBPOpGZH137QtPa7QKmAu-Ym

Request Chain 250

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENC4dKRn91gvoNLzgljq5eA&google_cver=1&google_push=AaAOQGFLLuKjsPTK4eI-tMp3HfdtC1O9D_L9-LUGvw-SKuhv5ABLXQ8-RiC_24wyQRojMR-hcrhNcUPdogZXRNX7kq2UfYpZ8Ws HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGFLLuKjsPTK4eI-tMp3HfdtC1O9D_L9-LUGvw-SKuhv5ABLXQ8-RiC_24wyQRojMR-hcrhNcUPdogZXRNX7kq2UfYpZ8Ws

Request Chain 251

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJamBvYOUQtLIo4gSLnn6Vo&google_cver=1&google_push=AaAOQGEpwKrJb5ORKe_keFsrjfgOOB4zcL1QwsWJBcWEp-_Jt4Fc7rZrgcZhg-caWphAEESDOSBPlDQxA4Bbixcy4SYdF4KKfFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEpwKrJb5ORKe_keFsrjfgOOB4zcL1QwsWJBcWEp-_Jt4Fc7rZrgcZhg-caWphAEESDOSBPlDQxA4Bbixcy4SYdF4KKfFQ

Request Chain 252

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFHuVGmj66lcCVv1AdeeJGQ&google_cver=1&google_push=AaAOQGHvDNt8vmQfHTqXIEcwrxe4OKUCAd9s9RenJT3sR6sj2OWL36CUPeVvQBvlJz3wXQ6ABnNlkuDBRSEyVP6Vb1ti2KZOIh4 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGHvDNt8vmQfHTqXIEcwrxe4OKUCAd9s9RenJT3sR6sj2OWL36CUPeVvQBvlJz3wXQ6ABnNlkuDBRSEyVP6Vb1ti2KZOIh4&google_gid=CAESEFHuVGmj66lcCVv1AdeeJGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgzMTkzNjgyODU0MjI3MDY4NzA2NQ%3D%3D&google_push=AaAOQGHvDNt8vmQfHTqXIEcwrxe4OKUCAd9s9RenJT3sR6sj2OWL36CUPeVvQBvlJz3wXQ6ABnNlkuDBRSEyVP6Vb1ti2KZOIh4

Request Chain 253

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELkjmBbeJv6hzMFH2Zn0Bms&google_cver=1&google_push=AaAOQGFM7Nj-Gpb5MAgd8rqCW9mduw7g0PlCrnrkUyqClXtJo0Ol984wlZE41tvtgX3NNXi6QZqjCUQmBiHdKe9eIX8rmmutv1mT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFM7Nj-Gpb5MAgd8rqCW9mduw7g0PlCrnrkUyqClXtJo0Ol984wlZE41tvtgX3NNXi6QZqjCUQmBiHdKe9eIX8rmmutv1mT&google_hm=jaSKMVYRT9eBcK6tw80FKFI

Request Chain 254

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGV2lp0I4zsWSOtMtOkeMKY&google_cver=1&google_push=AaAOQGFd01ER_2BGZZvlfhSdRciK8r8kC-wVoV0Zq9brDGUwPtOIwcwSpStgKgmMNc8xM14NtHGy96UteZHbxD20v9lukgpZVFNM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFd01ER_2BGZZvlfhSdRciK8r8kC-wVoV0Zq9brDGUwPtOIwcwSpStgKgmMNc8xM14NtHGy96UteZHbxD20v9lukgpZVFNM HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 285

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

291 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html Show response
www.bg3.co/a/ 47 KB
13 KB 1065ms
501ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ce3f16fdcb4ddab782f38b4895e6db8158e1e9125a326ec3a15e4754852ff610

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 19:58:46 GMT
etag: "bdbb-JmimHuPAlZuzF5KVjFiOSORmg0U"
expires: Fri, 21 Jul 2023 20:13:46 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 317ms
152ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 19:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72888
x-xss-protection: 0
server: sffe
etag: "03bc649404a9850f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Jul 2023 19:58:47 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 333ms
169ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

697a485d98d08e27bff197276460857929881b7ce97704e5ca58da9c244113b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 19:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9649
x-xss-protection: 0
server: sffe
etag: "23590aea1735b086"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Jul 2023 19:58:47 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
7 KB 342ms
197ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

1b771e6b9392f5a4e0d3ec1f63f18c0d7d93e798db9e1b7772ae64d665deafe5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 19:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7554
x-xss-protection: 0
server: sffe
etag: "50eb993f3be7bbdc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Jul 2023 19:58:47 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

199ms
87ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13196
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J60uy%2Fja9bzL3RZwBc0sTLUT6066ZaKI8t2HoBKTv07zvqg2KY%2F97vKAWnAQpjTC4ObHhrXwnl16IWn2UWKz41LCs%2FLwnfhXTcvq1j%2BAZlvFAqq6mI3x2Na%2BuVxDSWwrwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ea6054d3e17489e-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 289ms
93ms Script
application/javascript 2.19.126.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-145.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 21 Jul 2023 19:58:47 GMT
content-encoding: br
last-modified: Fri, 21 Jul 2023 07:00:38 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10988
expires: Fri, 21 Jul 2023 20:58:47 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 630 KB
135 KB 945ms
744ms Script
application/javascript 23.53.40.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-162.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: ee46d0b151ef7aa74e2403064f99f660bef866b383962af69ee02e5adfc5d729

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
last-modified: Thu, 20 Jul 2023 22:18:03 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=136, origin; dur=504, ak_p; desc="469435_389359774_77775076_64007_2067_41_0_146";dur=1
x-cf-geodata: PT
expires: Fri, 21 Jul 2023 20:58:48 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 276 KB
46 KB 246ms
151ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31a9b23d7c28a75109677875e40c9578a55301fec47cd4aa80b9879449d2bb98

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eRwq9mtM3kPhFKfkaVqn6KZ80RYQHDjq
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:47 GMT
x-amz-request-id: 6KW4939880NSHEPF
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 46322
x-amz-id-2: /ZhmYiwXQMiabMz2oYIv1kandmwKe7/KOn9jvkUm1X3Y4RmkjI9EQ7A2RNRKGSv5I9UD1Zk+SMo=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:49:50 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969527.244789,VS0,VE106
etag: "a07451a1049b9eb8d3be92c43542ed3a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 83
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1544ms
519ms Script
text/javascript 13.114.150.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.150.222 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-150-222.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 662c0a0fe846a3bdb9758cee8134311d46ef07b8eb6d42d05c1396ec4cb6027f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 185ms
63ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:47 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1689969527.cdn4-pxy204-mad02.ma1.evs,1689969527.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET
H2 200 impl.20230720-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ 789 KB
164 KB 45ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e8e7f25e76923cdf5e3b0bbc96fab3e8d08575d2f87c478e23fb8e98530a9d90

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EwOyzWNx72EC4grzk0zM6vwTLi2LY.Xx
content-encoding: br
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:47 GMT
x-amz-request-id: 3K11HK50T5M55VRQ
age: 899
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167105
x-amz-id-2: EyKV2Q40ksJig47fJioCoeUmdLm27t32pgXHfWTLvs8XnPp6qB9QmUbwhmDO16wgTqA0CIAyC/U=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:35:44 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969527.496828,VS0,VE0
etag: "34e9f77310e584b68e9e2ec7c2dd6975"
vary: Accept-Encoding
content-type: application/javascript
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 843

GET 4f542554f89695ce4a027aa056097118.jpg
static.bg3.co/imgs/202301/ 0
0

GET 18a7e3be6b270092f19ff35dc6a97ae7.jpg
static.bg3.co/imgs/202105/ 0
0

GET 049c7f4ad5aad60f6fc042df982b6d22.jpg
static.bg3.co/imgs/202107/ 0
0

GET e5005c5308bc7c9467fcbd7e627d95de.jpg
static.bg3.co/imgs/202105/ 0
0

GET 1f37b8b29da65bb7711b25e687d33c61.jpg
static.bg3.co/imgs/202109/ 0
0

GET 82ab7bbe57b8b8339f37d9d152f4f574.jpg
static.bg3.co/imgs/202202/ 0
0

GET 09740c668fb27baf6b9563471727d285.jpg
static.bg3.co/imgs/202105/ 0
0

GET e3822bcbc627f799d99bc89b318cd464.jpg
static.bg3.co/imgs/202106/ 0
0

GET 29a5314c3a1d44ecc1089d22a8ed1104.jpg
static.bg3.co/imgs/202107/ 0
0

GET 5b59010017b3fe303e1159af72427cfe.jpg
static.bg3.co/imgs/202107/ 0
0

GET 7156afbc3a3f4005800ed4e4b8ee8229.jpg
static.bg3.co/imgs/202105/ 0
0

GET 9346a255cd2c5b88a55511248e9dda6b.jpg
static.bg3.co/imgs/202010/ 0
0

GET 5eed160f905dbd9bee18c9ee6a31e3ee.jpg
static.bg3.co/imgs/202105/ 0
0

GET 587541147a553bd94cfc1e718b71021c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8f8d71d78c948a341dc713a437efca80.jpg
static.bg3.co/imgs/202106/ 0
0

GET 4041dccd2d6c25556233d27a67ee8da9.jpg
static.bg3.co/imgs/202105/ 0
0

GET 35c1505224bf70661848f4739132f505.jpg
static.bg3.co/imgs/202107/ 0
0

GET 97a4c40e47890e6e884e05c2a5048a0d.jpg
static.bg3.co/imgs/202106/ 0
0

GET 0e556532c7853e54be9bd48ec6276007.jpg
static.bg3.co/imgs/202105/ 0
0

GET 502b73ece4de97fa8352f5eced740110.jpg
static.bg3.co/imgs/202106/ 0
0

GET 880e71c53cc80a41380d15c709a0a5a5.jpg
static.bg3.co/imgs/202105/ 0
0

GET 841c21cc915a6c3e69d41b637e4e3023.jpg
static.bg3.co/imgs/202105/ 0
0

GET 09827277fd64d89a1a5afa7d40d2133e.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 8 KB
3 KB 281ms
119ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 11:27:48 GMT
age: 117059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2966
x-xss-protection: 0
server: sffe
etag: "4e4cebbab06b5f09"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Jul 2024 11:27:48 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 82 KB
23 KB 249ms
91ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:27 GMT
age: 268940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23120
x-xss-protection: 0
server: sffe
etag: "97458ea624168dde"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:27 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
845 B 283ms
114ms Fetch
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b6254a4a16a3e6d4818042ae58d978e69b6bd8cd6a856b028c0eaec63a83b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 497
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 12 KB
4 KB 244ms
90ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 14:55:17 GMT
age: 104610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3939
x-xss-protection: 0
server: sffe
etag: "21ee47434b69c418"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Jul 2024 14:55:17 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 235ms
76ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 308987
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 84 KB
21 KB 664ms
656ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=19%3A58%3A47.642&lti=deflated&data=%7B%22id%22%3A802%2C%22ii%22%3A%22%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1689853777905%2C%22vi%22%3A1689969527639%2C%22cv%22%3A%2220230720-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22vpi%22%3A%22%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3252%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A782.25%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0045445d23c25ebb4c004bc94ffd147a58c6e999531a481db01c015f5103548e

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 609
date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 108879
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490047-LIS
server: nginx
x-timer: S1689969528.673535,VS0,VE609
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 89ms
88ms Image
image/jpeg 2.19.126.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1689969527674
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-145.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 21 Jul 2023 19:58:47 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Fri, 21 Jul 2023 20:58:47 GMT

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 40 KB
10 KB 80ms
80ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:28 GMT
age: 268939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10347
x-xss-protection: 0
server: sffe
etag: "59414361c8ed98c7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:28 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 215 KB
57 KB 108ms
106ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

9dcf8abf06f74792caf9b0eb75556568165e119a2273611136f0436d652cdc45

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:18:41 GMT
age: 268806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58154
x-xss-protection: 0
server: sffe
etag: "0ba4e671a8cd7fee"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:18:41 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
633 B 77ms
76ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQ522y8Hl2oFCfICDj6P98Cnft2I9wmlrGjj8kGvsUDy4hl6upsyPA4cAqzQHUKWO1UwrWk1DZNSV3cWBDlyiJ3EGv5QcCma2OLHD5KtzsfBxyJMeqV93sW19Qed79xS9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ea6054e68c9489e-LIS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 607ms
144ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a665354e817890ceaa48988aa784f59042a95e0ce3a239cf9d10379c65ce3fe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 618ms
163ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a665354e817890ceaa48988aa784f59042a95e0ce3a239cf9d10379c65ce3fe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 518ms
221ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7960247828718652&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:48 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 515ms
208ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.5074627264267881&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:48 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 110 KB
31 KB 81ms
81ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:25 GMT
age: 268943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32104
x-xss-protection: 0
server: sffe
etag: "fc5a7023b69babf1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:25 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
479 B 265ms
94ms Fetch
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-190438802479474407.ampproject.net/2307052224000/ 0
0 289ms
89ms Other
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-190438802479474407.ampproject.net/2307052224000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 69ms
69ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1689969528.cdn4-pxy204-mad02.ma1.evs,1689969528.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 2 KB
812 B 82ms
82ms Fetch
application/json 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 17:16:28 GMT
age: 268940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "464f04a848bfb8ed"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jul 2024 17:16:28 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 222ms
81ms Fetch
application/json 172.64.203.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21961
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jul 2023 13:52:47 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3VUtTgxPxzNw3qre8nsPV6u%2Fbe2ukOQ0XitNUS28r0eRglqD8tVMVcD60ITv0N084xNO6N8xkdQvEZOfaqsubpu1HWB5VAscFWPU8%2BqEiRRtC3TSiItXgzH1Do1lfHJsK1564zTXD%2F0Nxw6gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7ea60550cfe52f93-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 3 KB
956 B 83ms
82ms Fetch
application/json 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 00:42:33 GMT
age: 155775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "d6efea8de711c3e2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Jul 2024 00:42:33 GMT

GET
H2 200 taboola-vignette-new-scanning.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 47ms
47ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3779f5586454c26dd37e8267e0d0776fba8567a8930229f2d754b0b690f0e72

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BJnPPiRQD3n515csXSkVLkOeqKFQzbmH
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:48 GMT
x-amz-request-id: G8HHBWZQES5W1Y52
age: 115357
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8011
x-amz-id-2: Rz0AYd/3adWpOBLc2hb+vVefQUK+T1RvaQ3agS+/9TUl6N7oki5601H64F39jQQ5UFYbkrtMlIg=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:56:04 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969528.358097,VS0,VE0
etag: "4da478b0692e7fd8e54b8b9a5cd7742f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 10384

GET
H2 200 distance-from-article.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 49ms
49ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c879914d9a82ab04ab0c71a0742118ce04a623adafef82fc991e10ce0e1adc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _x6UGURUxTVcPklH7jDsCRC8xbcktQPf
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:48 GMT
x-amz-request-id: 9EANFPK102DZSPK5
age: 115451
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: xwZqLTRbZ4Brft60nG+r+08nLgMjTVjqsrlBGdBW7rhrvPWPSsboXPpHup15rlBIncqBuyWdrw4=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:54:37 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969528.373342,VS0,VE0
etag: "aa7e0bfca3d5c259155efab8aa3e4dec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 39
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 83551

GET
H2 200 article-detection.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 50ms
50ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a9c74893bef37552b92e10bd29b691209b986e705a6242e56b9065810bfa859

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kDGlzhxkmzgclFjBWHm_XGBib6NkPXu4
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:48 GMT
x-amz-request-id: AG22EDM6V5D2SX4C
age: 115472
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1271
x-amz-id-2: 8Cq6GVPczz/9v/chW/QwggKOO5HQ6BVSlsCX4LbIvmDZoHl/G2r9ZmmyXkpL5ZGkCGazMFRmEV4=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:54:16 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969528.373853,VS0,VE0
etag: "67e226918d29016383b3cc2be4bd5287"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 83475

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.2/ 123 KB
35 KB 48ms
48ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18f6e93b6e1ac6b3971bbf06396514d80559a3df081ae53f7f59860b878d6e91

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 9b77256cb4a2caf313b1650e5e0805f8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 210830
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35118
x-served-by: cache-lis1490047-LIS
last-modified: Wed, 19 Jul 2023 09:23:52 GMT
server: AmazonS3
x-timer: S1689969528.376906,VS0,VE0
etag: "23e2191935103aeeb4e92c57ab67b071"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: iNusNf1xP90ulGh_fHbiVE73VXEomDR14fGQSTWZlNmTGKtADlUYQA==
x-cache-hits: 6039

GET
H2 200 feed-card-placeholder.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 52ms
50ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2f63a4e15c229a5b68d93bacb7f056e34d7f76c9308a48698b116f98aec5dd8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0a4_6Dqe8zjvxoYVKqmvWi7S0sT4MRkv
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:48 GMT
x-amz-request-id: W8X6VP58PSYJYF97
age: 115434
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: 6ye2NeCS/sc8w3M9xKBH3FtzxpXwzZnmQQFSfNOIMz6Q9UfZB+gherbJv6MJ9jVYpMVGD38Vsu0=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:54:55 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969528.379782,VS0,VE0
etag: "524213ed6b9c65b54418d1902b6083ea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 58900

GET
H2 200 userx.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 47ms
47ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4157c995bbcc7922e7e1df182e85408f57447d55f7beb65fe115ec389781be6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pM4DarQXZUtJ0X2p_DZmmbAqyVdRxHSO
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:48 GMT
x-amz-request-id: YRN3SCZJQFJ5FK5A
age: 115350
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: Y2lu0YmYyEAyvdbruwZUjinqA/hlzY1aF+ygMWyKhDYB4rR+w0OkI9biSzQ+QHnqUWdoYuAhOXc=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:56:16 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969528.384060,VS0,VE0
etag: "133d4354a166bd4b225eb088a65e15bc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 58
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 16287

GET
H2 200 explore-more.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 46ms
46ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b113baa1a8a720263c51ab0c3866a585f75aaaebebd156e7991b7dd03b670e1d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zQ_gp5JhYd7hfqdC0nrdVRYgKbH9oW_X
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:48 GMT
x-amz-request-id: N67VKG2PETJJCE8K
age: 115437
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8777
x-amz-id-2: ZFecGV/c8udqpJ2bY1H1USFtYX60PIF5+Vwbw4ZkKIcSTIl4huqDQ4lTaBrWDRGSaCSRp95HAGA=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:54:50 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969528.404903,VS0,VE0
etag: "22abcb7f1af50ff07cad1f800b026476"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 34467

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 424ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1689969528334%7D&tim=19%3A58%3A48.334&id=2411&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 426ms
135ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1689969528343%7D&tim=19%3A58%3A48.344&id=9592&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 425ms
135ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A58%3A48.381&id=5580&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 421ms
131ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A58%3A48.385&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=5405&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85464

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 422ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A58%3A48.387&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=7398&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85464

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 422ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A58%3A48.394&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=9573&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85464

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 130ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A58%3A48.396&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2284&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85464

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 131ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A58%3A48.407&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5947&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85464

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 45ms
45ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:48 GMT
x-amz-request-id: 8R6Y8MF83F4SX453
age: 83
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: y2mfqW0zNaVKBEwFw8dY+fcbOjSB9dkUju7ClvLvpp+A82nlMU2QeiiPhh7eMjog9LKHLsuhxI8=
x-served-by: cache-lis1490047-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969528.436031,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 10
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 34

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 26 KB
8 KB 476ms
476ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=19%3A58%3A48.465&route=AM:IL:V&tvi2=5906&lti=deflated&data=%7B%22id%22%3A812%2C%22ii%22%3A%22%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA%22%2C%22ui%22%3A%22247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7%22%2C%22uifp%22%3A%22247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7%22%2C%22lbt%22%3A1689853777905%2C%22vi%22%3A1689969527639%2C%22cv%22%3A%2220230720-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22vpi%22%3A%22%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4608%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A782.25%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 085ea814748c60932991fe901e53342313390e073c416d2d700c0488b3c8170c

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 431
date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 109139
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490047-LIS
server: nginx
x-timer: S1689969528.488441,VS0,VE431
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1080%2Cw_1440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 152 KB
153 KB 64ms
63ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1080%2Cw_1440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e51089d22c99aa4d9196e60c2d527a2352b8a139fb3ca86e89cc9fa2c1b7a36

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1080%2Cw_1440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 1424733
edge-cache-tag: 628131638865840138074933382416259481994,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 837
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tipsenweetjes.nl/
content-length: 156108
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100091-IAD, cache-iad-kiad7000157-IAD, cache-lga21960-LGA, cache-iad-kjyo7100135-IAD, cache-lis1490047-LIS
last-modified: Tue, 06 Jun 2023 18:27:33 GMT
server: nginx
x-timer: S1689969529.502000,VS0,VE2
etag: "4c60e174c5d98ad4dabb9f240af990d7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 60 KB
60 KB 60ms
59ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 2703453
edge-cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 312
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 61196
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200088-IAD, cache-lga21939-LGA, cache-iad-kcgs7200146-IAD, cache-lis1490047-LIS
last-modified: Tue, 06 Jun 2023 14:49:00 GMT
server: nginx
x-timer: S1689969529.501923,VS0,VE1
etag: "41f70f4e09383f37d26f3a047e8d7fbc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 873, 1

GET
H2 200 9067458821bd75560fe23f90aaac44c6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 48ms
47ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9067458821bd75560fe23f90aaac44c6.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6692d8a5a14b43ea79f4f2c831f0efacf19cdc9915516dc0a4d883457ce89cb4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9067458821bd75560fe23f90aaac44c6.jpeg
age: 3746262
edge-cache-tag: 551890399620475095705372564126400574950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551890399620475095705372564126400574950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 245
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://lols.pl/
content-length: 29070
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100047-IAD, cache-sna10727-LGB, cache-iad-kjyo7100126-IAD, cache-lis1490047-LIS
last-modified: Thu, 11 May 2023 17:18:15 GMT
server: nginx
x-timer: S1689969529.502063,VS0,VE0
etag: "a53f6d7809d0e19242af07577ede08e7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 332, 345

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 49ms
48ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a483647e3045f6f8835b3cba32fde7c4a51d45be87661f5b74a0a4277e6af7fb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 1565652
edge-cache-tag: 629278368362485812204278233016319296852,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 439
req-referer: https://d-2750774482671106744.ampproject.net/
content-length: 17684
x-request-id: c7885c8b973adb1f4fb7de129d9e62d5
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000028-IAD, cache-iad-kjyo7100178-IAD, cache-sna10751-LGB, cache-iad-kiad7000129-IAD, cache-lis1490047-LIS
last-modified: Fri, 23 Jun 2023 03:33:32 GMT
server: nginx
x-timer: S1689969529.562635,VS0,VE1
etag: "016e285c68605761da7c71cc21e6ef69"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3455, 1

GET
H2 200 21095320aba5ba7fbe1dea85e5408335.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 83 KB
84 KB 52ms
51ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3d3dfd46fa4833d6953004333dd6239c72d056cba3113e335920f775424fca0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
age: 3125303
edge-cache-tag: 581651182490352650140986442054686683286,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581651182490352650140986442054686683286,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 257
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 85412
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000171-IAD, cache-iad-kiad7000056-IAD, cache-chi-kigq8000078-CHI, cache-iad-kcgs7200027-IAD, cache-lis1490047-LIS
last-modified: Tue, 13 Jun 2023 15:32:38 GMT
server: nginx
x-timer: S1689969529.562696,VS0,VE3
etag: "2ce1070187b6a3db9d66e64a4f43f577"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 152, 1

GET
H2 200 3b0b6763c8d0dd3056864aa4c77dbadf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 45ms
45ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b0b6763c8d0dd3056864aa4c77dbadf.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 01a5dd131c20db2b3c0ad38680265ebd5f15a3991dc695f6cc4ba98c4fbef1d9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b0b6763c8d0dd3056864aa4c77dbadf.jpg
age: 2338904
edge-cache-tag: 330013999128033129226502546874935688521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 330013999128033129226502546874935688521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 89
req-referer: https://www.recetasgratis.net/
content-length: 17212
x-request-id: f3b678a563014b38baa93b46a5bdf1ed
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200043-IAD, cache-iad-kcgs7200082-IAD, cache-chi-kigq8000029-CHI, cache-iad-kjyo7100031-IAD, cache-lis1490047-LIS
last-modified: Sun, 18 Jun 2023 21:07:04 GMT
server: nginx
x-timer: S1689969529.591088,VS0,VE0
etag: "068ebec85ab46ab6aa5dfab93d16cb25"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2010, 41

GET
H2 200 fingers-personality.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_1887,y_2868/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/09/03132921/ 10 KB
11 KB 47ms
46ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_1887,y_2868/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/09/03132921/fingers-personality.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 745f14ded4741f46890f8c1569a35a509ffc9bf841baa6097898f2e145fbc554

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_1887,y_2868/https%3A//content-cdn.conselhosetruques.com/wp-content/uploads/2019/09/03132921/fingers-personality.jpg
age: 5547706
edge-cache-tag: 440735938988322942864688300783488094240,476776372203932028776946420070206326079,29ecf9b93bbf306179626feeda1fab70
cache-tag: 440735938988322942864688300783488094240,476776372203932028776946420070206326079,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 85
expiration: expiry-date="Fri, 19 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://ballercap.com/
content-length: 10188
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kjyo7100069-IAD, cache-sna10727-LGB, cache-iad-kiad7000094-IAD, cache-lis1490047-LIS
last-modified: Tue, 18 Apr 2023 15:02:38 GMT
server: nginx
x-timer: S1689969529.612662,VS0,VE1
etag: "251d138657ea7b99800d47b37bca8e34"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 7, 1, 21, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 69 KB
70 KB 47ms
47ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 3038419
edge-cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 399
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 70920
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kjyo7100036-IAD, cache-sna10723-LGB, cache-iad-kiad7000022-IAD, cache-lis1490047-LIS
last-modified: Tue, 06 Jun 2023 13:58:16 GMT
server: nginx
x-timer: S1689969529.625716,VS0,VE1
etag: "1c90d421946f35c8a49a65461da750a1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 797, 1

GET
H2 200 21095320aba5ba7fbe1dea85e5408335.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 98 KB
99 KB 47ms
47ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ba2a5f2d74cd9941d09d0da725f620af02aabea20a8f489391240df67552615

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
age: 1668813
edge-cache-tag: 581651182490352650140986442054686683286,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581651182490352650140986442054686683286,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 259
expiration: expiry-date="Sat, 15 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.revistafama.com/
content-length: 100368
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kjyo7100157-IAD, cache-lax10659-LGB, cache-iad-kcgs7200138-IAD, cache-lis1490047-LIS
last-modified: Wed, 14 Jun 2023 18:12:36 GMT
server: nginx
x-timer: S1689969529.638552,VS0,VE1
etag: "060ac8b01c387c8b35efce55351b6933"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 126, 1

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 628ms
436ms Script
application/javascript 23.53.40.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-162.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=MISS, edge; dur=137, origin; dur=206, ak_p; desc="469435_389359774_77776069_34474_1927_40_0_146";dur=1
expires: Sat, 20 Jul 2024 19:58:49 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
580 B 256ms
117ms Script
application/javascript 23.53.40.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-162.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=26, origin; dur=0, ak_p; desc="469435_389359774_77776071_2601_1637_40_0_146";dur=1
content-length: 211
expires: Sat, 20 Jul 2024 19:58:48 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 760ms
622ms Script
application/javascript 23.53.40.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-162.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=42, origin; dur=489, ak_p; desc="469435_389359774_77776072_53136_1824_41_0_146";dur=1
content-length: 18371
expires: Fri, 21 Jul 2023 20:58:49 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 347ms
175ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c027a897b8507f49977d5016626fe1da42a2b8a704ce8d5c89ce59159d00825e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27908
x-xss-protection: 0
server: cafe
etag: 29 / 19559 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:48 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 267ms
92ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODk5Njk1Mjg1NDQsInBhY2tldElkIjoiMDAwMEE3MDEtOWRiY2UyYzgtZmFkMS00NTRhLTg0MDMtYTdiOTcyZTEwMjdjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS1uYW4tc2FuLXlhLWhhaS10YW4tcmVuLXRvdS16YW4tZG9uZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJQVCJ9&c_b=2508.199998855591
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 251ms
93ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 9067458821bd75560fe23f90aaac44c6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 84 KB
85 KB 45ms
45ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9067458821bd75560fe23f90aaac44c6.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9f788c0b2770cce11ba8c9b1ba7e1be565c9d24e267c23d2e00d5bfebb7dfe0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9067458821bd75560fe23f90aaac44c6.jpeg
age: 2684604
edge-cache-tag: 551890399620475095705372564126400574950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551890399620475095705372564126400574950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 396
expiration: expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://pysznosci.pl/
content-length: 86312
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100047-IAD, cache-lax10669-LGB, cache-iad-kiad7000127-IAD, cache-lis1490047-LIS
last-modified: Mon, 12 Jun 2023 02:14:01 GMT
server: nginx
x-timer: S1689969529.699137,VS0,VE0
etag: "a53f6d7809d0e19242af07577ede08e7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 32, 551

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 46ms
45ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f9e2d42205b6a1c720cd33802edbad14351854bc4425726a291e9baed286a6f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 3241700
edge-cache-tag: 629278368362485812204278233016319296852,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 184
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.etonline.com/
content-length: 38042
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100046-IAD, cache-iad-kcgs7200040-IAD, cache-sna10738-LGB, cache-iad-kjyo7100147-IAD, cache-lis1490047-LIS
last-modified: Tue, 13 Jun 2023 23:16:18 GMT
server: nginx
x-timer: S1689969529.761497,VS0,VE1
etag: "89095844a4b84ab8e6c0ad21f5274d7d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 1413, 1

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 294ms
120ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YXEgaT_aDzwjgt6i7UgQXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-YXEgaT_aDzwjgt6i7UgQXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 273ms
94ms Fetch
application/json 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 134ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1487%7D%22%2C%22eventTime%22%3A1689969528590%7D&tim=19%3A58%3A48.590&id=420&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 252ms
87ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 19:51:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 19:58:48 GMT

GET
H2 200 spa-detector.20230720-10-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 53ms
52ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230720-10-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 932e6dec5caab7bdec544cb9a595f5105f8a3279e4d943be595f15bab07f43e0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DMGYse0mtwGDwP2naPxP3HIi4xdwAX5T
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:48 GMT
x-amz-request-id: Y67GTR3VRGJ2ZSJE
age: 115389
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 810
x-amz-id-2: JW8X0/cxxrRhak6/SkdTq4No06Vm7kTSV/FuYGbrT14BVXB8kARu9Z5iD/+XC0wj6Cd1QZFxyoo=
x-served-by: cache-lis1490047-LIS
last-modified: Thu, 20 Jul 2023 11:55:38 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689969529.641822,VS0,VE0
etag: "abd91b265cd8a23c4091d1d055a491a9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 35572

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 132ms
131ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A58%3A48.612&id=8825&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 133ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1689969528613%7D&tim=19%3A58%3A48.613&id=428&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 133ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A58%3A48.616&id=1794&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 135ms
134ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1689969528618%7D&tim=19%3A58%3A48.618&id=4649&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 134ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&lti=deflated&ri=03267bcd7adb5d0dc2de54f99a806eee&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969527_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218.25%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A58%3A48.640&id=2270&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 137ms
136ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A58%3A48.651&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=180&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85615

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2EBE 92 KB
32 KB 337ms
170ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

92818e7c74834070b0770d864c66399f15d77bf6d19f8b78c5c721938ff930ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32810
x-xss-protection: 0
server: cafe
etag: 11640789254526798865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:48 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5C7D 92 KB
32 KB 435ms
271ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9b0ff7c16f80e3fca74ec3545cb5004772212e393f48d7f862ceb11820356323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32810
x-xss-protection: 0
server: cafe
etag: 12555876770508448504
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:49 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 4B31 714 B
766 B 57ms
57ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 12973
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ea605527f08489d-LIS
content-encoding: br
content-type: text/html
date: Fri, 21 Jul 2023 19:58:48 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCXzXnxrb89Y56WhTUiufmWKAwUN5ZeE1qMKZCnnQoEODdVVgoLxxX0fmqx1AXdnMTYD2ppqlWKIOf3QR3sGWtpnTwwR7W8n2rm1oS9d23b1V3aw2gZSbBr3NtPEQhHWKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 75A7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

282ms
87ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jul 2023 19:58:49 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 21 Jul 2023 19:58:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 464ms
155ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame AC1C 714 B
736 B 63ms
62ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 12973
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ea60552cfac489d-LIS
content-encoding: br
content-type: text/html
date: Fri, 21 Jul 2023 19:58:48 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLF6MMOCw7GjAHuGdiUN67Eg70SQEFJbn1cKImsgFDmyaUGQtfwKH%2BW9%2Fmp3fqRr3YRY%2BRyvoyt3FiZaLD6WMQetQ1wV4kiuwBwESropV546dxTgqdrq6zSPlXvPuNS%2F9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FC3B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

281ms
87ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jul 2023 19:58:49 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 21 Jul 2023 19:58:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 268ms
92ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=8764&cid=amp-k5iKkzmpM38r8PqTE5g9Yw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dr=&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1689969529&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 241ms
78ms Ping
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-k5iKkzmpM38r8PqTE5g9Yw&aip=1&sid=1689969529&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 291ms
86ms Script
text/javascript 2.23.209.46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.46 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 515ms
309ms Script
text/plain 108.138.7.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4OTk2OTUyOF8wX2IxYzNhOGI1YTZiOQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-45.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 19:58:49 GMT
Via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: A-H2PYSH_oFhoVNVg8IIOZq0oRazU-vAzQ6Vic7KKmVzjDhI8K65cg==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4B31 80 KB
27 KB 260ms
226ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

590c499aa8deed2f454d80bc7bab53cebe70bdb16c3ecf93b63e3f0fb9dcb560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27568
x-xss-protection: 0
server: cafe
etag: 906 / 19559 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:48 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 269ms
89ms Script
application/javascript 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 28 Jul 2023 19:58:49 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame AC1C 80 KB
27 KB 253ms
253ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

94da003bda75b20ba4c418f3046cab50af4113bafac2d9c20f184096f6010c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27568
x-xss-protection: 0
server: cafe
etag: 619 / 19559 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:48 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
158 B 182ms
93ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-k5iKkzmpM38r8PqTE5g9Yw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.5494354789102243&gjid=0.3231224022750374&_r=1&a=8764&z=0.4782512953700695&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame FB1F 422 B
352 B 93ms
85ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1689969528925&uv=3305&tms=1689969528925&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ed9d99e5-0c60-4c6e-b5ee-39e0871098f8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ac9d1086017666491e569d3e665a47d5fb8e9885e054f27be6367fb35a4c9f9

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 21 Jul 2023 19:58:49 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490047-LIS
x-timer: S1689969529.963819,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 12DA 577 B
663 B 283ms
84ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 54b74de96ea01b6ea69a1d2c67e60d111220f21311a901e9f80010cb96786e10

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 21 Jul 2023 19:58:49 GMT
machineid: 3401
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
811 B 163ms
161ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689969528938&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1534&pt=1238011684&tz=0&viewable=true&ddast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=dfrc_vA!nonrv_vA!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1471
x-cache: MISS
x-served-by: cache-lis1490047-LIS
pragma: no-cache
server: nginx
x-timer: S1689969529.964642,VS0,VE101
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 282ms
84ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=31589837&cb=1689969528925&uv=3305&tms=1689969528925&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1689969526037.5!ts:1689969528925&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-length: 0
server: nginx

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 135ms
135ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A58%3A48.966&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=806&cv=20230720-10-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 91011

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 136ms
136ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi2=5906&lti=deflated&ri=80208abe60965926ad3904a575789ca5&sd=v2_14909eb4a42e7f0fa83d55bf7a71452f_247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7_1689969527_1689969528_CNawjgYQ2YJdGNeWotCXMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1689969527639&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1689969528998%7D&tim=19%3A58%3A48.998&id=9387&llvl=2&cv=20230720-10-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 87a98808c6458e87b6919b87108842b3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 140 KB
141 KB 49ms
48ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87a98808c6458e87b6919b87108842b3.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5963f847b5712f4c376a9ebd356d111dcab54ed1806b5249cb51db3328a5c52e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87a98808c6458e87b6919b87108842b3.jpg
age: 2707065
edge-cache-tag: 298633494717867264155997900646789625496,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 298633494717867264155997900646789625496,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 241
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://oktelugu.com/
content-length: 143184
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200076-IAD, cache-iad-kcgs7200070-IAD, cache-chi-kigq8000047-CHI, cache-iad-kcgs7200042-IAD, cache-lis1490047-LIS
last-modified: Tue, 13 Jun 2023 06:41:29 GMT
server: nginx
x-timer: S1689969529.060550,VS0,VE1
etag: "e8ccb53381195cea93769b5aaf5aa0dc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 1

GET
H2 200 430aa6e2f6d57167ad2a2af73d1a825d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
24 KB 47ms
45ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c72a836b84a634d453a61083ef8ab26c4558ba4b310fdb4df1e86ddef6b2fbd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/430aa6e2f6d57167ad2a2af73d1a825d.jpg
age: 1433970
edge-cache-tag: 504611621092814767118893195884591538402,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 504611621092814767118893195884591538402,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 365
req-referer: https://m.youm7.com/
content-length: 23664
x-request-id: 6c6f09a9581bc38de9e7d1dec4748dbf
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200173-IAD, cache-iad-kiad7000124-IAD, cache-lax10676-LGB, cache-iad-kiad7000052-IAD, cache-lis1490047-LIS
last-modified: Fri, 23 Jun 2023 14:40:16 GMT
server: nginx
x-timer: S1689969529.105590,VS0,VE0
etag: "1696859bac433022a178388e66c54bca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1585, 63

GET
H2 200 57b2331cf397aab128bba18513f6facb.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 46ms
46ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57b2331cf397aab128bba18513f6facb.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ac2be8dae68839c33a4d5a6d220b33f448a4588041b4760475a1fd920a57b92

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57b2331cf397aab128bba18513f6facb.jpeg
age: 1236934
edge-cache-tag: 413971867929742934235750513891832890032,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413971867929742934235750513891832890032,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 121
req-referer: https://www.tudoreceitas.com/
content-length: 17590
x-request-id: e508ea1613591de4fc8eecf5c3547f59
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200173-IAD, cache-iad-kjyo7100132-IAD, cache-chi-kigq8000045-CHI, cache-iad-kiad7000068-IAD, cache-lis1490047-LIS
last-modified: Fri, 30 Jun 2023 12:39:10 GMT
server: nginx
x-timer: S1689969529.113428,VS0,VE0
etag: "ddc95c0ae1dcfb23de1fbaa948d8142e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 34, 191

GET
H2 200 eyJpdSI6Ijg5ODllMjM1NThiMWMyNzIzNDdmNThmMjY3MWQ2NTUzYTkxZjQ1NmVmNTU1ZDM2NThmODQ4YWYzMThhMDU3ZDgiLCJ3IjoxMjAwLCJoIjo4MDAsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/ 101 KB
102 KB 50ms
48ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6Ijg5ODllMjM1NThiMWMyNzIzNDdmNThmMjY3MWQ2NTUzYTkxZjQ1NmVmNTU1ZDM2NThmODQ4YWYzMThhMDU3ZDgiLCJ3IjoxMjAwLCJoIjo4MDAsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a55ddc91ee38fae35166a00550740831117f858fcf23dc9792c9f61f1c9ae5cd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6Ijg5ODllMjM1NThiMWMyNzIzNDdmNThmMjY3MWQ2NTUzYTkxZjQ1NmVmNTU1ZDM2NThmODQ4YWYzMThhMDU3ZDgiLCJ3IjoxMjAwLCJoIjo4MDAsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
age: 5294769
edge-cache-tag: 627328095275779981541048345899297341751,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 627328095275779981541048345899297341751,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 247
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.msnbc.com/
content-length: 103074
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000160-IAD, cache-iad-kiad7000129-IAD, cache-chi-klot8100033-CHI, cache-iad-kiad7000025-IAD, cache-lis1490047-LIS
last-modified: Thu, 11 May 2023 16:40:09 GMT
server: nginx
x-timer: S1689969529.131388,VS0,VE1
etag: "9ec7a82cb6fa98fbd2498f8c4c9cb85e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 158, 1

GET
H2 200 dc27fd92c9a283c32c4f1a2ed3bd8261.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 60ms
58ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc27fd92c9a283c32c4f1a2ed3bd8261.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde42e8dd7ff1c925645f81d4a3301530035f1e8140bc24214d86f54e1824e5a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc27fd92c9a283c32c4f1a2ed3bd8261.jpg
age: 3986645
edge-cache-tag: 516418524626757174904130952259657785335,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 516418524626757174904130952259657785335,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 341
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 38064
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100045-IAD, cache-iad-kjyo7100127-IAD, cache-sna10735-LGB, cache-iad-kcgs7200148-IAD, cache-lis1490047-LIS
last-modified: Thu, 11 May 2023 16:23:54 GMT
server: nginx
x-timer: S1689969529.131394,VS0,VE2
etag: "6fea65fc1b3bd49d5db021ea6f88d2c7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 221, 1

GET
H2 200 8abb57a8c411c5a1aed9eca508c5df36.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 46ms
45ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8abb57a8c411c5a1aed9eca508c5df36.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba09039ddead4e5786e8ac622b4429213a762d0ae478c53e593f1f5ded1b035

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8abb57a8c411c5a1aed9eca508c5df36.png
age: 1471246
edge-cache-tag: 596152738974232433136982050560916467521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 596152738974232433136982050560916467521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 94
req-referer: https://ensedeciencia.com/
content-length: 4732
x-request-id: 824a3ba19037d84d00a0f6b56ddaa3c6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000144-IAD, cache-iad-kjyo7100125-IAD, cache-chi-klot8100166-CHI, cache-iad-kiad7000049-IAD, cache-lis1490047-LIS
last-modified: Thu, 29 Jun 2023 02:46:12 GMT
server: nginx
x-timer: S1689969529.131560,VS0,VE0
etag: "fc570d41e90305da0c3e5dad42e384e3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 49, 24

GET
H2 200 777370e2c3d0d33f7d65bd18d6801d91.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
17 KB 47ms
47ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/777370e2c3d0d33f7d65bd18d6801d91.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0441172eb51a61cb9201f2b8261890422cfdaf3f89517fb552e8e6803242272a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/777370e2c3d0d33f7d65bd18d6801d91.jpg
age: 2973752
edge-cache-tag: 461894395115279116768326366852954926128,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461894395115279116768326366852954926128,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 113
expiration: expiry-date="Sun, 18 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 16910
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200127-IAD, cache-iad-kcgs7200030-IAD, cache-sna10730-LGB, cache-iad-kjyo7100100-IAD, cache-lis1490047-LIS
last-modified: Thu, 18 May 2023 17:39:34 GMT
server: nginx
x-timer: S1689969529.131558,VS0,VE1
etag: "640ba06f226c3b99c432c3f26156639b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 22, 1

GET
H2 200 Screenshot-1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/dp3ngsp/ 49 KB
50 KB 48ms
48ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/dp3ngsp/Screenshot-1.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c0d448d9b49d77b54f2274d3f6c3f7b204f45cdf6d8a12dd9d4006efb95d380

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/dp3ngsp/Screenshot-1.png
age: 2510580
edge-cache-tag: 571933943266984459332705917745662364542,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 571933943266984459332705917745662364542,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 330
expiration: expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.manchestereveningnews.co.uk/
content-length: 50008
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100129-IAD, cache-sna10735-LGB, cache-iad-kiad7000096-IAD, cache-lis1490047-LIS
last-modified: Mon, 12 Jun 2023 10:22:00 GMT
server: nginx
x-timer: S1689969529.154193,VS0,VE1
etag: "832994d7c46d21df8f6640476e167874"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 63, 1

GET
H2 200 alzheimer.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/ 21 KB
22 KB 47ms
46ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/alzheimer.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b611a3c0bebba3ef5cac63c3726f77378edf28008d2befff552fa7a8926772b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/alzheimer.jpg
age: 1258322
edge-cache-tag: 553835927522820360324453143143372861372,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 553835927522820360324453143143372861372,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 1101
expiration: expiry-date="Tue, 18 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://br.psicologia-online.com/
content-length: 21760
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100045-IAD, cache-iad-kjyo7100074-IAD, cache-lax10623-LGB, cache-iad-kjyo7100028-IAD, cache-lis1490047-LIS
last-modified: Sat, 17 Jun 2023 17:30:01 GMT
server: nginx
x-timer: S1689969529.161557,VS0,VE1
etag: "6407e569010adbf65f119f83e03db13e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FB1F 70 B
265 B 373ms
122ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1689969528925&uv=3305&tms=1689969528925&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ed9d99e5-0c60-4c6e-b5ee-39e0871098f8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame FB1F 43 B
425 B 300ms
95ms Image
image/gif 52.212.161.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1689969528925&uv=3305&tms=1689969528925&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ed9d99e5-0c60-4c6e-b5ee-39e0871098f8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.161.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-161-120.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame FB1F 43 B
146 B 272ms
88ms Image
image/gif 18.193.178.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1689969528925&uv=3305&tms=1689969528925&abt=dfrc_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=ed9d99e5-0c60-4c6e-b5ee-39e0871098f8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.178.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-178-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ 385 KB
122 KB 83ms
83ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3516
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 19:00:13 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/ Frame 2EBE 360 KB
123 KB 171ms
171ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b029136f9fa7b4bb3b612bcf1181b4ca45dcb92191b0e8adaa93f202534296a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126223
x-xss-protection: 0
server: cafe
etag: 938681187870410139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:49 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 4B31 385 KB
122 KB 113ms
111ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3516
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 19:00:13 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame AC1C 385 KB
122 KB 122ms
121ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3516
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 19:00:13 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_0_5/infra/ 889 KB
148 KB 158ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_5/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c8f1724bd314bb1545a4155a2a52edcf6bedd5717cf18fde816f9979e8fc8abb

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689758810
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 41BDABBNJ0E7N6A3
age: 210577
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689758811
x-amz-meta-mode: 33188
content-length: 150884
x-amz-id-2: 56DIiz5vQNVnsv0Pwl5hxjIerEnIoyFwAZlXq7WFEqZEhn7lMVeLeGeIDMha8QOkb/eER9Zye10=
x-served-by: cache-lis1490024-LIS
last-modified: Wed, 19 Jul 2023 09:26:52 GMT
server: AmazonS3-br
x-timer: S1689969529.262538,VS0,VE0
etag: "e4e90f4aac9df96ba121298cb7221ead"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 38820

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_5/assets/css/ 60 KB
8 KB 59ms
59ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689758828
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 41B455WNG553PQQ0
age: 210576
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689758829
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: H7O4nlYLyInCdNnpNAqE1rz0BQWtPtp3Gs2FUXkf3sO853DdrMxPyubyDnzsp1/18G8u+duc1T4=
x-served-by: cache-lis1490047-LIS
last-modified: Wed, 19 Jul 2023 09:27:10 GMT
server: AmazonS3-br
x-timer: S1689969529.138171,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 56959

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 288ms
91ms Script
application/javascript 99.84.88.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-111.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:17:16 GMT
via: 1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 2494
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: tCgNthPTjf-ssagqBiQbt-SGDL246X4PqXcQsNbpGZdRD_yCGItoXA==

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 89ms
88ms Script
application/javascript 2.23.209.46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.46 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Fri, 21 Jul 2023 19:58:49 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/ Frame 5C7D 360 KB
123 KB 208ms
208ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ffd727eb8200be7e3c957386a2e2bd9dc7ccc07cd84073f576eb631acd57d855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126223
x-xss-protection: 0
server: cafe
etag: 6366305690492193261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:49 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 12DA 70 B
264 B 184ms
124ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 12DA 43 B
426 B 110ms
94ms Image
image/gif 52.212.161.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.161.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-161-120.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 37CD 281 B
554 B 263ms
87ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jul 2023 19:58:49 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 644ms
274ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H5X0H4CD79XX1SF7FHDY1EEV
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4B31 492 B
263 B 118ms
118ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4248471286769148&correlator=4146184419639087&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1689969529304&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=xckmifg6skjt&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2085486370.1689969529&ga_sid=1689969529&ga_hid=28454501&ga_fc=false&dlt=1689969528775&idt=467

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5748ea3477997b95e9d7ddb05f17a67832f44215a7ea6307d0143404a1757b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4B31 15 KB
12 KB 134ms
132ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d6121e07d79191c555920cf3208f355248345fac3eb3ed549e407f97303d0395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11741
x-xss-protection: 0

GET
H2 200 container.html Show response
ac407007446ee6ffd2bdacc63df868fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C53 6 KB
3 KB 503ms
85ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac407007446ee6ffd2bdacc63df868fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:49 GMT
expires: Sat, 20 Jul 2024 19:58:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 8E87 495 B
665 B 919ms
298ms Document
text/html 52.192.246.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.246.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-246-101.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 21 Jul 2023 19:58:50 GMT
etag: "64b965d4-1ef"
last-modified: Thu, 20 Jul 2023 16:50:28 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 75F8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

87ms
87ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jul 2023 19:58:49 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 21 Jul 2023 19:58:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AC1C 492 B
263 B 116ms
116ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=475393238980696&correlator=957527674173595&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1689969529337&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=wwvg19vrpd4t&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1519604961.1689969529&ga_sid=1689969529&ga_hid=1210082091&ga_fc=false&dlt=1689969528812&idt=457

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a372226393e05439e9f4ba09a53b0603b0f84320f166cb8f79a6b749a4eb02f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AC1C 15 KB
12 KB 134ms
134ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

70ab2d341fa0c21f175db615c54472e608069d5f92677ffbe46f7dd9f2a30c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11908
x-xss-protection: 0

GET
H2 200 container.html Show response
64059a5cb5e839c3f5867792d753ef94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74D6 6 KB
3 KB 503ms
86ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://64059a5cb5e839c3f5867792d753ef94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:49 GMT
expires: Sat, 20 Jul 2024 19:58:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 2EBE 379 B
601 B 283ms
92ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5ce36fbb879fc8ab681043901dc030ea886684ff82c42bac3a2516c95ea0b3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2EBE 107 B
196 B 90ms
89ms Script
application/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 70FF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168996...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
867 B

1112ms
922ms

Document
text/html

99.86.91.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-52.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-length: 459
content-type: text/html
date: Fri, 21 Jul 2023 19:58:52 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 85daad39dc083a1e2c1e2c6d1d6698e2.cloudfront.net (CloudFront)
x-amz-cf-id: Cf6bclbRsnAtZT6GZyceJ73Sl9R_3C4aLkOC-NIHpMGnUC8yA1khGQ==
x-amz-cf-pop: CDG50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: RefreshHit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:50 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2EBE 15 KB
12 KB 161ms
160ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

86d1272ba0e86c843b074854c22d267b315d1986963ace5d0314ddbdcd4a22c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11762
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 75A7 34 KB
10 KB 108ms
104ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73291
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:20:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FC3B 34 KB
10 KB 102ms
100ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73291
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:20:20 GMT

GET
H2 200 pixel;r=449103388;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fp...
pixel.quantserve.com/ 35 B
372 B 102ms
86ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=449103388;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1609294263-1689969529124;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1689969529446;tzo=0;ogl=;ses=03fb1d77-6351-4819-8a85-c3d7e5bf3800;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 45ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 809052
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490047-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1689969530.559392,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 52998

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.4/ 445 KB
84 KB 47ms
46ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.4/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4ae2a06a20497b4f5d370f5f9953a35ae67c35e24d4723d7d156b90ce5769da7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689690128
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: D7W9WV70QDQ3N4MS
age: 279355
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689690141
x-amz-meta-mode: 33188
content-length: 85125
x-amz-id-2: /hVKtt6WU8bRpRE36JXpG46F5JQ520Wk+hA5KHxEY0GDd5d9c2P9vQBKHhegYeazExaHTfLOHno=
x-served-by: cache-lis1490047-LIS
last-modified: Tue, 18 Jul 2023 14:22:22 GMT
server: AmazonS3-br
x-timer: S1689969530.585411,VS0,VE0
etag: "ce3de182e42934ed6e31ae12ca4d690b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 74874

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 27F5 577 B
662 B 85ms
85ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 54b74de96ea01b6ea69a1d2c67e60d111220f21311a901e9f80010cb96786e10

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 21 Jul 2023 19:58:49 GMT
machineid: 3407
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 84ms
83ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=31579697&cb=1689969529568&uv=3305&tms=1689969529568&su=3&abt=dfrc_vA!nonrv_vA!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-length: 0
server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B31 17 KB
7 KB 511ms
93ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 19:58:50 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AC1C 17 KB
6 KB 543ms
137ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 19:58:50 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 37CD 34 KB
10 KB 97ms
96ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73291
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:20:20 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 47ms
46ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 403690
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490047-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1689969530.680924,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 133950

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2EBE 17 KB
6 KB 480ms
117ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 19:58:50 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
332 B 237ms
236ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=5906&route=AM%3AIL%3AV&lti=deflated&bulkSize=19
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 147
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 108211
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490047-LIS
pragma: no-cache
server: nginx
x-timer: S1689969530.734665,VS0,VE147
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 75F8 34 KB
10 KB 105ms
105ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73291
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:20:20 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
741 B 106ms
106ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 21 Jul 2023 19:58:49 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 27357
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490047-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1689969530.769863,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 13
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 3972

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FC3B 284 B
536 B 440ms
84ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 75A7 284 B
536 B 518ms
85ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 27F5 70 B
264 B 123ms
123ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 27F5 43 B
425 B 94ms
94ms Image
image/gif 52.212.161.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.161.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-161-120.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 5C7D 379 B
316 B 93ms
92ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

709eb32d77bcd6a1650cdf7a77d2ec47b2e6dfbf3c427e7dbed7c4b3f5f13120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5C7D 107 B
122 B 92ms
91ms Script
application/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0C5 25 KB
12 KB 643ms
564ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

efd4594b8e2a6fb9d83c3efee52a4b042ea8681d6b97e64c34ec2630c65a006b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11989
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:50 GMT
expires: Fri, 21 Jul 2023 19:58:50 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5C7D 15 KB
12 KB 145ms
145ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

34c8a9ad52bb9f58c2af2af7286cad73eca7a18ce1d6c43d0bd6b9f41bbd8206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11864
x-xss-protection: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A163 281 B
554 B 89ms
88ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jul 2023 19:58:49 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 37CD 284 B
536 B 472ms
80ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 75F8 284 B
536 B 510ms
87ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A163 34 KB
10 KB 96ms
95ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 16:20:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73291
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 22 Jul 2023 16:20:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5C7D 17 KB
6 KB 281ms
145ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 19:58:50 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A163 284 B
536 B 402ms
81ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49AF 13 KB
5 KB 81ms
79ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:49:00 GMT
expires: Sat, 20 Jul 2024 19:49:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2213 783 B
743 B 260ms
90ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

GSE /

Resource Hash

b6815a4f5f99594a7df132c1b99093129a8854628884906dad7d1efc105b5fc3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x_N4w37pYVx5JgjPXcF69Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-x_N4w37pYVx5JgjPXcF69Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:50 GMT
expires: Fri, 21 Jul 2023 19:58:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C0DC 13 KB
5 KB 80ms
79ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:49:00 GMT
expires: Sat, 20 Jul 2024 19:49:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 96FD 783 B
738 B 220ms
93ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

GSE /

Resource Hash

7a4f2de624e33affe18f01a49391243f02b0cd15f9c8c3414e3b32b76536d872

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vBZjjuYkx-BF21AdXJ9fCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-vBZjjuYkx-BF21AdXJ9fCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:50 GMT
expires: Fri, 21 Jul 2023 19:58:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2FFF 13 KB
5 KB 83ms
79ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:49:00 GMT
expires: Sat, 20 Jul 2024 19:49:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2B3D 783 B
1 KB 210ms
90ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

GSE /

Resource Hash

a61bec2879f030475bef373d176e9b89b6b153914d26114601324bea1236d481

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_p85lhV0amgQcX94BOkktA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-_p85lhV0amgQcX94BOkktA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:50 GMT
expires: Fri, 21 Jul 2023 19:58:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C14F 13 KB
5 KB 83ms
81ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:49:00 GMT
expires: Sat, 20 Jul 2024 19:49:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11DD 783 B
739 B 210ms
92ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

GSE /

Resource Hash

1699a7748e9a5e3ce1338feb4a59dd6a4353ca0ed71cefdb3174141457fbb221

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hJ6sfI59j0tLKVw7tPxWxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-hJ6sfI59j0tLKVw7tPxWxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:50 GMT
expires: Fri, 21 Jul 2023 19:58:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 75A7 0
239 B 596ms
86ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 49AF 37 KB
14 KB 81ms
80ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 8E87 0
268 B 298ms
297ms Script
text/plain 52.192.246.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.246.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-246-101.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:50 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 37CD 0
239 B 821ms
143ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame C0DC 37 KB
14 KB 81ms
81ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FFF 37 KB
14 KB 90ms
90ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame C14F 37 KB
14 KB 91ms
91ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 45ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-10-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 19:58:50 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 1451
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490047-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1689969530.355154,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 75
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2470

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 689ms
152ms Fetch
application/json 3.233.145.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-145-162.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvaGFpLW5hbi1zYW4teWEtaGFpLXRhbi1yZW4tdG91LXphbi1kb25nLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
870 B 210ms
209ms XHR
text/html 23.53.40.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvaGFpLW5hbi1zYW4teWEtaGFpLXRhbi1yZW4tdG91LXphbi1kb25nLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-162.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Fri, 21 Jul 2023 19:58:50 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=27, origin; dur=95, ak_p; desc="469435_389359774_77777293_12198_1628_41_0_219";dur=1
content-length: 555
expires: Fri, 21 Jul 2023 20:58:50 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 51ms
45ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490024-LIS
date: Fri, 21 Jul 2023 19:58:50 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0C5 42 B
63 B 117ms
116ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DbJWSJO1jBMGZLZa3SUxnAssKNnj6W9kk7ahojfTE2LVzT5ofrsFt-aLcsw570pjyYPJy85cHFckVsVZDyxvqxNSDtUXg1H_LE6X7_8PEBuN6fTXA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0C5 0
20 B 117ms
117ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18171757964449618639&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B0C5 85 KB
29 KB 172ms
171ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame B0C5 3 KB
1 KB 83ms
81ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame B0C5 20 KB
8 KB 82ms
81ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B0C5 0
0 89ms
87ms Image
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSG0Z1A5-GhkFRb0VnzrZkh8Bsl190Mub1DRzxNBg6izddSUHF6i42apXra-ATSeeb_eB0_9EOVX-3b5bJFCeUgozA2gA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0C5 179 KB
57 KB 1361ms
157ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:51 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 228F 624 B
288 B 122ms
120ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjFsNDGATAB&v=APEucNW1Pblamq-mcPZT2ABoQZSF295pipYPgKkmgVBujX7KOiFkOxtGDyelRwaXehfqKINsoaE-9kQwLGPFWxzV1g-KdBNzTHQI58s-AzyAddAviwaUcrTnR0MZVYLn6xY9rFV3f85CxLwyuEthwPiMykuhFlrgXi-Vb5ZFQxbEJEa3nQrFOGs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 676ms
141ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Jul 2023 19:58:51 GMT
cache-control: no-store
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 49AF 0
10 B 80ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VpT47A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2B3D 0
0 116ms
116ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=1869000484982865&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2213 0
0 116ms
116ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=4248471286769148&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11DD 0
0 116ms
116ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=433876379333420&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 96FD 0
0 117ms
116ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=475393238980696&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 104ms
103ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3a66bd3cd6b865c61f9c7bb5c805f4a5285b67032ccd032eb7e60d072addc36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 19:58:50 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 228F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1&C=1

43 B
632 B

176ms
92ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjFsNDGATAB&v=APEucNW1Pblamq-mcPZT2ABoQZSF295pipYPgKkmgVBujX7KOiFkOxtGDyelRwaXehfqKINsoaE-9kQwLGPFWxzV1g-KdBNzTHQI58s-AzyAddAviwaUcrTnR0MZVYLn6xY9rFV3f85CxLwyuEthwPiMykuhFlrgXi-Vb5ZFQxbEJEa3nQrFOGs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 19:58:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 19:58:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 228F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLrjfZXpwGFPe29KjMfCUAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1

43 B
632 B

89ms
87ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjFsNDGATAB&v=APEucNW1Pblamq-mcPZT2ABoQZSF295pipYPgKkmgVBujX7KOiFkOxtGDyelRwaXehfqKINsoaE-9kQwLGPFWxzV1g-KdBNzTHQI58s-AzyAddAviwaUcrTnR0MZVYLn6xY9rFV3f85CxLwyuEthwPiMykuhFlrgXi-Vb5ZFQxbEJEa3nQrFOGs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 19:58:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRGJCvqj_ElTKm69XjQjjg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 228F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK9QKwaJr-icsTZHoCDwkhs&google_cver=1

43 B
841 B

85ms
85ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK9QKwaJr-icsTZHoCDwkhs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjFsNDGATAB&v=APEucNW1Pblamq-mcPZT2ABoQZSF295pipYPgKkmgVBujX7KOiFkOxtGDyelRwaXehfqKINsoaE-9kQwLGPFWxzV1g-KdBNzTHQI58s-AzyAddAviwaUcrTnR0MZVYLn6xY9rFV3f85CxLwyuEthwPiMykuhFlrgXi-Vb5ZFQxbEJEa3nQrFOGs

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:51 GMT
an-x-request-uuid: ae2622a6-6e89-4488-b12c-7064cab1526d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.154.174.82; 5.154.174.82; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK9QKwaJr-icsTZHoCDwkhs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 228F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY0Mzk2Mzg4OTQxMDUwMzM5Mw%3D%3D

170 B
243 B

91ms
90ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY0Mzk2Mzg4OTQxMDUwMzM5Mw%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:51 GMT
an-x-request-uuid: 44a578f7-51b9-4155-806e-26bd9e0510e7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY0Mzk2Mzg4OTQxMDUwMzM5Mw%3D%3D
x-proxy-origin: 5.154.174.82; 5.154.174.82; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C0DC 0
10 B 80ms
80ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9sRPDA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0C5 0
20 B 117ms
116ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2939355138142&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0C5 0
20 B 117ms
116ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2939355138142&version=m202306200101&ct=77&x=1&cor=18171757964449618000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B0C5 16 KB
12 KB 125ms
124ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkEBGshlmBr4GHivVaLx30Fc5GcKdIUk1wO0j3IxqNfuQH3MHtSMAw04g9AapSyPOD9K05Zl3X3Fth9CeAfvuCl7u872oT_U43J2PUpV9bk16BoPEhMX-x57O1gX6-Q4tHdzvCOSile3jlR5xtO1rqL1tcvvowdZUcJYIyACDbKm7le9I&cry=1&dbm_d=AKAmf-AN8pY_6sz0yn1982H4gHze7b9fpYyTK4ORsimVaPMmMA-xWSgWIn3ALS1bXYgZoEJVnHpqEAKlqYPxQq5vrhOGb34ZiCMwU5Om8YGXH9E7FYwgvTjLpLyuDeJMUewy9Sd9ZsaCkc2fFJWuFQbq5tnkB7oU-g9QW-Bm-ujrWn-GugHpZP2t9PMt6AgxcUd7hyxUrAc1Su_Lngg9JEN9L7-GqzsqKOqjwQow9uZr9hOV4zj_LddExUHCTMkQXFsqgAwZGziwuLIvgpB5uuBhELrhjCOO6RdOQw_bTtJ1-kuepDg-B93gVsXiDfRbrq0r0nIkAtlGv8Ml-pAMmeN8GCv-RWiNho10OKmmsCkfoF3Djn-Eyupus54B2fDn50r0Ucz8oVmxoVCpQMguw3aXeP7zm9FwNiwzXbWmDS7BQo5OXv8JJAesqtxIv5kdukYsgZYz359VZkio1eoZH_LvU1TrEoJQerRrMMgI0N8ytP57VP8ilC3XmZjNvZio8CNgNXX952MOJaFZ3YO3WFBG1UFIdfYDHWUOw0zWROru6_fY-GrzKbQaFXCRF43g97QQbknPZhOHogzA88lP4U16BADKLWs3zAXsRHWQV1_OI4VqFapFmSpylCZBING33hX4dCGPSgm9ajTJ5Dg8IZNEb9-wiqknBskVoll-qD13MQaPT09QjWLAr3HQU7ziKbrXlDfb3MuCZeuZ4LlIi5boSFG1Z0dfV8H5gW1XuNTdhhvDdWPhqKes1LyIbZPFyFCljszbNJDtxhukekp5tgzrTP4IIzKY6rLcpVl89BwsGo6Cn8Uumy9bH7UJjnYo8KOPPEDjs9cfDrGalg3QSGNy-hXLPGvT62ZM2qbVxdTEDJmKjRH4sDUxIJx_dvyP82RipkDlh3wx4TPLdCUd2xNSEWDcgnTfLjfHOS8Yy0PyWHshkdI5QDa2KYSH8oI_PSrzd_7XXRJfn3ClEZKEgbzpf81bfW14F0UeoTWflUvi_g6nfDQHBY_HtgAM9a1Nd5l6-psY0U1RnOrFG2_dcPMpjsWSkE4zkX14MVRVaOwd0XbNuWFp0srEFedrnWsXiHxjWFP0mQU1qzp8VvEzZTqP2dgr6VyuW8qcBMxNv9V3ZncjQrEdxiFTynNsBmTQvxyUjbzE8Q88ZgecGE8E5yWKWJLETezJ0L2Yxev2QmUOs6InqKIp0_if6s6ZVwHN5rxyxuaVNXfb15gJ-8xJWSw2r1DErG934jplrSRZbdOdL7KgizmsfQLwDtHuYWZNKsHcM9Y1shqbDqXZUkrOnAMcaUj5Hd70FprABsQnI7V0WmBsp2-ubu1C3xveNkQ72gFrwXaZA3G7FXYd7yS60g00Uo75P8aoWOVu2Ixdfwemigv9wJSL-3M6BCX3WaGFhpSPb7VpPlFMxNDzsw3XY__PTbJ6uszH63TVTOmmLqpL5AcFpwGfK7Y8KszDksGXxx3598FC45vtj6kmRMTt-FCMdvF-w-twlpmSGr7gFd_74Y7BE4pV6Yalw8JlV-xXLdObfpN0ZamZQ3UVIN_27mKpw-4fIO3UxpVJpqH66fRpY6Z1mWYorPHR1NugXhuRAjXU9fA0cCiwxOgybUqdABY9AzoZIPqHeojfXdEznbf159rJRNxk7kzqNnXNPay-7iYmTJpInw0el5GbeDC7Le8TH-a6W6mbUZS0yvXBc_DTmt5DGWdmMZLRz-tYV73IABQdymrYTe07bPQSc7H5h3jLcXbLD7sThB05Jw2vFivlRaMnZ9jTZxkqcrXK7t1hIhxew-pGJxSC5Qp7q-WdfCOthntqzjnjwVA616vNs8STrLIwb3M27MRfXGdISG8HFZ6CZWaaB_DkTlxg7RjoY1acHLgfQUDxyCPmKYUQ1SGUHlBE9qV5F62kHJzbMB_DL6Hoe2hZYNx8Fh2aRHhoEUek2eTzvMapcmTG8oS1UjxZH3ObwAe2xriFv1WiyDaWZDYwaa4CbBCsoeguI6yJGXEP433u3HlieJvRuIA-XAB3ZZkUUciM65d13CYkVgEpKuHqSW-Yw_eaISnO0G9UBEXybSsHEF08xDLT2GSrZuhj4sPBWgs8MG1E9McHKF5CAYYa6mrIR7zZLkeui_ck4Z8sxcMWUk4ZMSm_F-jz8TsTk5RjPaW69tYFErNh8GOBbpEH3YHJVOrBjrOZPCwaXuG8Kxc2vOEkk9SK8aPN2Ugu1JJrOffyE7IvH-pCaApU48p6Suvu5Wn2zm1_3leprS3KOMYEUM21vf73kc-1uDs58kqehhhilv938dQr-nO5SXIsE92IX9opAEUofF9ZsrNx5bqgQUXkM83VrflMylQMwbcuqRdpShiAZnN0gvrhUfBTvbvxCrCxpETdBf9I7wgN-6eCWGvrjI59YyjctKKEwxk5DqigZBhcrjPmq9qn6nBhg_GtZ64Ik59dHgtvhEV4wE-Ys40b-LvDj3PpcJdGlvNEZkiByWwFkUttfL0Fch1MI3CK9wcGS91bEr4Yq_v5TuQ19K2SE8l86KMAjUW8-iOJ65FxFKf-RCKJGVqzcxY4LFRBGQR0ofhtzIWd8Bb5KUy_8W7GAEi3QxSiRfVKZ0t0RibaOOSB5yFKcWH2u8DV7jrm8W3hJHQRizF2PQiu-oZVwtpz3E4K6IoJFrsXxHfT0s0xo78SfUDykHLBFKXOG_lzVQK-Zr_UGP8T-eLH0IMMfwp5d4w4KSp3CJLkId78_b24Kd3dTLeaJTmmKraa6fx4cVgn21RnJvhwUn5CTzKWy_K5pNKt-HbZjrZXNn0Kgu_eCvjMlpKLTtdOrWDnwwi4mG4fW1g53VIqCUdEbCNGqPBhs2VomTy1Ks9xfcdhmciLxUH5J2HDYPgRmAySlnUUizJZ6IjXkYOWja_iNRGgBJH8QXBvM4y5tpoNVxE9qQJKrS5QW9WKpwC2xeTXiX2rW28zxVGx-qPTBp_QCrr22Y8wsWQtnF290Zk3CF8ZzvdU23wWUYQ_vxXWOi-nlBRoCuZ0vj9AFtCq77TmUW-I5pPHm0WrAauJ8QU9D8PrjQnMqwWAZq6HoaSMLy2uZ5IAsCJlBmmMLMG1uGBnVyk_KF9N8VmEb6v8NHmVCNeQpTOuYmd7NKKyDgADfskXRmC2rMqumU6WHeeU1mS7e_IYM4bMFtraOtjOyityy5uvucNfGWi8JuyKpShcnofR2vpbhmkx8R6WXumcSelyg9CQndlEJaTgi622j9aTrjJ-bisjpAArTzCwxafoMm9PcIB2hI-Jvzst4MaApGhMCNlcLLnzkMnJWL7kEsOuNVTnFUgJhvcS0z0dDXkHsQvxjVsv7shMc1tT7ScTyKxg7xX6ilxi5SWIs2vIFURgsEGyakM8tRg5ntFW1YPUz836_9lXbgG0_rxzAunx7NhQWyGptSic0TEMXXsd8OgnobpA_RHTqjAea-qySrYigO3T483dcaPKQSKybsy1tQuil_oyRAKbEgHcuwqWb0Qo6UASdetz1TcLUUf2N2FJk3NR9MgEmdTxTuMmcxE6LlMc6yGJS7bLIQSOSNIt4Jo0P7CiSayj3Bw&cid=CAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=18171757964449618000&adk=2111686228&idt=235&cac=0&dtd=53

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

c2d9d5f3e90407d633a8733e96cb7a33856d5dfe4490aa90c7edb2f9a360fa13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11924
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2FFF 0
10 B 80ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?17q9yg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C14F 0
10 B 80ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hfNf8w
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 206ms
76ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37j0&_p=8764&cid=1670723785.1689969531&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689969530&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B0C5 41 KB
13 KB 81ms
80ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkEBGshlmBr4GHivVaLx30Fc5GcKdIUk1wO0j3IxqNfuQH3MHtSMAw04g9AapSyPOD9K05Zl3X3Fth9CeAfvuCl7u872oT_U43J2PUpV9bk16BoPEhMX-x57O1gX6-Q4tHdzvCOSile3jlR5xtO1rqL1tcvvowdZUcJYIyACDbKm7le9I&cry=1&dbm_d=AKAmf-AN8pY_6sz0yn1982H4gHze7b9fpYyTK4ORsimVaPMmMA-xWSgWIn3ALS1bXYgZoEJVnHpqEAKlqYPxQq5vrhOGb34ZiCMwU5Om8YGXH9E7FYwgvTjLpLyuDeJMUewy9Sd9ZsaCkc2fFJWuFQbq5tnkB7oU-g9QW-Bm-ujrWn-GugHpZP2t9PMt6AgxcUd7hyxUrAc1Su_Lngg9JEN9L7-GqzsqKOqjwQow9uZr9hOV4zj_LddExUHCTMkQXFsqgAwZGziwuLIvgpB5uuBhELrhjCOO6RdOQw_bTtJ1-kuepDg-B93gVsXiDfRbrq0r0nIkAtlGv8Ml-pAMmeN8GCv-RWiNho10OKmmsCkfoF3Djn-Eyupus54B2fDn50r0Ucz8oVmxoVCpQMguw3aXeP7zm9FwNiwzXbWmDS7BQo5OXv8JJAesqtxIv5kdukYsgZYz359VZkio1eoZH_LvU1TrEoJQerRrMMgI0N8ytP57VP8ilC3XmZjNvZio8CNgNXX952MOJaFZ3YO3WFBG1UFIdfYDHWUOw0zWROru6_fY-GrzKbQaFXCRF43g97QQbknPZhOHogzA88lP4U16BADKLWs3zAXsRHWQV1_OI4VqFapFmSpylCZBING33hX4dCGPSgm9ajTJ5Dg8IZNEb9-wiqknBskVoll-qD13MQaPT09QjWLAr3HQU7ziKbrXlDfb3MuCZeuZ4LlIi5boSFG1Z0dfV8H5gW1XuNTdhhvDdWPhqKes1LyIbZPFyFCljszbNJDtxhukekp5tgzrTP4IIzKY6rLcpVl89BwsGo6Cn8Uumy9bH7UJjnYo8KOPPEDjs9cfDrGalg3QSGNy-hXLPGvT62ZM2qbVxdTEDJmKjRH4sDUxIJx_dvyP82RipkDlh3wx4TPLdCUd2xNSEWDcgnTfLjfHOS8Yy0PyWHshkdI5QDa2KYSH8oI_PSrzd_7XXRJfn3ClEZKEgbzpf81bfW14F0UeoTWflUvi_g6nfDQHBY_HtgAM9a1Nd5l6-psY0U1RnOrFG2_dcPMpjsWSkE4zkX14MVRVaOwd0XbNuWFp0srEFedrnWsXiHxjWFP0mQU1qzp8VvEzZTqP2dgr6VyuW8qcBMxNv9V3ZncjQrEdxiFTynNsBmTQvxyUjbzE8Q88ZgecGE8E5yWKWJLETezJ0L2Yxev2QmUOs6InqKIp0_if6s6ZVwHN5rxyxuaVNXfb15gJ-8xJWSw2r1DErG934jplrSRZbdOdL7KgizmsfQLwDtHuYWZNKsHcM9Y1shqbDqXZUkrOnAMcaUj5Hd70FprABsQnI7V0WmBsp2-ubu1C3xveNkQ72gFrwXaZA3G7FXYd7yS60g00Uo75P8aoWOVu2Ixdfwemigv9wJSL-3M6BCX3WaGFhpSPb7VpPlFMxNDzsw3XY__PTbJ6uszH63TVTOmmLqpL5AcFpwGfK7Y8KszDksGXxx3598FC45vtj6kmRMTt-FCMdvF-w-twlpmSGr7gFd_74Y7BE4pV6Yalw8JlV-xXLdObfpN0ZamZQ3UVIN_27mKpw-4fIO3UxpVJpqH66fRpY6Z1mWYorPHR1NugXhuRAjXU9fA0cCiwxOgybUqdABY9AzoZIPqHeojfXdEznbf159rJRNxk7kzqNnXNPay-7iYmTJpInw0el5GbeDC7Le8TH-a6W6mbUZS0yvXBc_DTmt5DGWdmMZLRz-tYV73IABQdymrYTe07bPQSc7H5h3jLcXbLD7sThB05Jw2vFivlRaMnZ9jTZxkqcrXK7t1hIhxew-pGJxSC5Qp7q-WdfCOthntqzjnjwVA616vNs8STrLIwb3M27MRfXGdISG8HFZ6CZWaaB_DkTlxg7RjoY1acHLgfQUDxyCPmKYUQ1SGUHlBE9qV5F62kHJzbMB_DL6Hoe2hZYNx8Fh2aRHhoEUek2eTzvMapcmTG8oS1UjxZH3ObwAe2xriFv1WiyDaWZDYwaa4CbBCsoeguI6yJGXEP433u3HlieJvRuIA-XAB3ZZkUUciM65d13CYkVgEpKuHqSW-Yw_eaISnO0G9UBEXybSsHEF08xDLT2GSrZuhj4sPBWgs8MG1E9McHKF5CAYYa6mrIR7zZLkeui_ck4Z8sxcMWUk4ZMSm_F-jz8TsTk5RjPaW69tYFErNh8GOBbpEH3YHJVOrBjrOZPCwaXuG8Kxc2vOEkk9SK8aPN2Ugu1JJrOffyE7IvH-pCaApU48p6Suvu5Wn2zm1_3leprS3KOMYEUM21vf73kc-1uDs58kqehhhilv938dQr-nO5SXIsE92IX9opAEUofF9ZsrNx5bqgQUXkM83VrflMylQMwbcuqRdpShiAZnN0gvrhUfBTvbvxCrCxpETdBf9I7wgN-6eCWGvrjI59YyjctKKEwxk5DqigZBhcrjPmq9qn6nBhg_GtZ64Ik59dHgtvhEV4wE-Ys40b-LvDj3PpcJdGlvNEZkiByWwFkUttfL0Fch1MI3CK9wcGS91bEr4Yq_v5TuQ19K2SE8l86KMAjUW8-iOJ65FxFKf-RCKJGVqzcxY4LFRBGQR0ofhtzIWd8Bb5KUy_8W7GAEi3QxSiRfVKZ0t0RibaOOSB5yFKcWH2u8DV7jrm8W3hJHQRizF2PQiu-oZVwtpz3E4K6IoJFrsXxHfT0s0xo78SfUDykHLBFKXOG_lzVQK-Zr_UGP8T-eLH0IMMfwp5d4w4KSp3CJLkId78_b24Kd3dTLeaJTmmKraa6fx4cVgn21RnJvhwUn5CTzKWy_K5pNKt-HbZjrZXNn0Kgu_eCvjMlpKLTtdOrWDnwwi4mG4fW1g53VIqCUdEbCNGqPBhs2VomTy1Ks9xfcdhmciLxUH5J2HDYPgRmAySlnUUizJZ6IjXkYOWja_iNRGgBJH8QXBvM4y5tpoNVxE9qQJKrS5QW9WKpwC2xeTXiX2rW28zxVGx-qPTBp_QCrr22Y8wsWQtnF290Zk3CF8ZzvdU23wWUYQ_vxXWOi-nlBRoCuZ0vj9AFtCq77TmUW-I5pPHm0WrAauJ8QU9D8PrjQnMqwWAZq6HoaSMLy2uZ5IAsCJlBmmMLMG1uGBnVyk_KF9N8VmEb6v8NHmVCNeQpTOuYmd7NKKyDgADfskXRmC2rMqumU6WHeeU1mS7e_IYM4bMFtraOtjOyityy5uvucNfGWi8JuyKpShcnofR2vpbhmkx8R6WXumcSelyg9CQndlEJaTgi622j9aTrjJ-bisjpAArTzCwxafoMm9PcIB2hI-Jvzst4MaApGhMCNlcLLnzkMnJWL7kEsOuNVTnFUgJhvcS0z0dDXkHsQvxjVsv7shMc1tT7ScTyKxg7xX6ilxi5SWIs2vIFURgsEGyakM8tRg5ntFW1YPUz836_9lXbgG0_rxzAunx7NhQWyGptSic0TEMXXsd8OgnobpA_RHTqjAea-qySrYigO3T483dcaPKQSKybsy1tQuil_oyRAKbEgHcuwqWb0Qo6UASdetz1TcLUUf2N2FJk3NR9MgEmdTxTuMmcxE6LlMc6yGJS7bLIQSOSNIt4Jo0P7CiSayj3Bw&cid=CAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=18171757964449618000&adk=2111686228&idt=235&cac=0&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 01:53:14 GMT

GET
H/1.1 200
OK fq676ms9mj7a Show response
hal9000.redintelligence.net/zone/ Frame B0C5 11 KB
4 KB 522ms
93ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/fq676ms9mj7a?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5VcNeeO6ZPCHOdGdiQOM7arACJ7ZlqFp6auh-9sP8C4QASDSzIEaYO383YWsG8gBCakCyB5BCYOlsj6oAwHIA5sEqgThAU_QC_SdUf54i0eVqZmyqKI5UiJsj31NHjV1bDnqdejPhFCPSkal12KKuQF_9LDv6M6A_KajLjS45AQPpBES4yaqUu-kbllnWmjeTsXqmEs7_6q2o1VM4nmI2IAPWr2Pd7ao2OttufGL-tb-tYH6rTx4KAjwlINCj0uOBbIq2gahbIU4N6L8nWZXDtKGG1dJc31yUdN0hXd-XWE-KLxZxZeGzZLfltRz6GDtAaTmp9Psm58psgLRhCDU_-KgMthDlr-_NpPBTv5TwZR9Gd5hGzjIKqPaobTSbxfF_DS3BAYAxMAE1_WW0vMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE%26sig%3DAOD64_0RADwPz8eo19-Gx3X0PwkOo3wGkw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Bms_u8whGpFqiGCPNK6eohENoM4xHEVEe3A1J_ROgXMBVtg7__m8ZTzDTwuih6-ReCw3g5Z5MdPfP0RjlDrqozgUxs3ucNybq808Tys-dikuUYNUimZzKOEh_xinzL5bWUvL1FNYEbm6kevOp7JV7EJSXVXdQS8sz5r2kFrRkOmVESy-Q%26cry%3D1%26dbm_d%3DAKAmf-CmRdI2YoES5kqqR6OTlHeRuiBfwOgs2VH0Us8Ae659aghDcNWoZNjboohfE-WC5lMLDO5F-7l9yGPBIB--Id2EmbYHIpG0XKS-p_tz6E9Q2Bs5TAC8VvmiM5aEaiqMSJa8AWo0qY20hVlp4OFyH4iYSus8o-gmfT1DfJdgC32EIjG5GyVX88xY4bK0cfhf_jj9OLqmposilZpftUVqUco0M-GXTqNSeOk9ya-66O0rz-ccP4hx1lj3qYI5VQqJBZxfew4te3G7XuV8GRZXo0Uwfu47JRJWWKeQJOer6i6z7SI2WKOLZCK6OLqgZAI_O2ZPspioaHaDsLSYSdXqOSgKl1mpAUnSCApz3G6r5v_WOJNZutwC-_5S0dikWW7nOICeM3k5vjSOJI2E7aJcKUM2boIDwSeYv6Ns8piexH6LkvaUj02aoNfjzT2KfSiwGeGOcMRTEG51XG786XHU9y41Hch78VyvKyykoBrIO8t1LWv79cejigrHbJ3UUW70yBAjc2WLImpbQqKP6O1x9yWNRQ9DYGK2bqmqDCiT6lGs90eM7CVRpYgZE_ccodiV9iOwEa5qH49Jf4BEqVGXvEwamNnjoCrYEsL6TUKWSXYRbnhwwJQ%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c6ae095d4e99879283af272733c43781ad19c5451eb0fa8d2d502fa2bff78d06

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4121
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2828 22 KB
8 KB 81ms
80ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 32721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 10:53:29 GMT
expires: Sat, 20 Jul 2024 10:53:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2828 37 KB
14 KB 82ms
81ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4B31 0
0 120ms
120ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=4248471286769148&bg=!cHOlcyfNAAZsPphkTD47ADkAdvg8WryE4PQaFccru8oNPk7GhNIzOeJitBZ46CdcOvzeSSSHkYWq0HOjtVj5ViyctvZWiDfZgbQCAAABKVIAAAAGaAEHCgB7Z3LnYC4Bie3qMRXMl2MdRqwBcXt47YrHOFKILUyavqhoT4IS9urSor8ACHUuEnT4qG8sRZmu09v3adhmOec7qXaPhTCnNaVc3ylk31ZJmQfaJ4XnUlyNsRsP9BEdAR_YSpwrmCea2Shj48eveX3N5VUpRNp099NtFKHNmQK80qFAtHOTPQIPydyaqasDe5CRgTi3Nz101wDxoRcts47n5Iux8dLny5Dhg62cdU3u2-FKGbCi9zthNoo86mWDp6cs1OPJb6biTo5D-SIw6d31t1gFeAnN-uZVNpo8lYt232iYiNsdV4ZUoe6kQtHzCKuqHr2D9RJufh9QBVVuvrpS8TONwCpEktAOElzRLozWjOBoEd8OL_31q4d59CK5U9ZS04YAQsy7yqSE_B0_Ba-wzC4o4Lw6WCJDs6LS9uhudJOH623DWFlWtSQueeuHtLaHG_fXFm_VUMNYqYUJorqprbw2JO9a0MeL7FiL_Iend81mQt-PASFHvZr9vlOkWliHD0DtDKeG008k7aD58lpYripsLFG2oPiZsZr02BmNdc_H6cUeJa_jDGgnhqUXZWcWycHxQWyLp6oJHQ7vIzc3MKw7EpNqdz6nI2zzzCwNcRBO2iTw81RKY7mmbjq9qoZHIUIjeqLohSlsxspPX_9ItgMBIb6c1VmpQpU14P7_93OF3AWRJoKGuxc7BbGvkk_Z5jlo4oGmmdD9nmJQR1fhicvVDn8RMTSbl-A2Tat0_UR-4KWqKqLXPB9ZJx0TdjNxaNgTDg79NJIbFFgvk_A353-k_nCvgyDNsfcMMd6kfPhCN71N2FpZMw-aTarNPreufnTAUZHxY2RcKd0YVLSDohL-sv7Nt-fnMz9rG0j3r4SuRj4YpwgZJPTFHd7qvEIS51J3SuCyNUYIT7oSTqJmx1Q3waOOt7Bk0WzVMkdDFA0BFTVmPSErCl1vnZdxkRGKf2k23UHFIZ_zDB29zbISZF4UQ2tkMIxIIIQsiIpItPC1iYD43-LZ0erBOvy5Fniim55xEPTIxWZIbkQAdbNi15j5V80Akf4nD8MmvBLYxYxT3UvnM2KBMmS3R3n4Jl9bF_ryhX38Q0-AAQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2828 0
20 B 121ms
120ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnWf6euO6ZPrxL63yx_APls66oAYAAAAAOAHgBAI&bg=!bm2lbTnNAAZsPphkTD47ADkAdvg8WviR1p3JjqjhcHkm0p9T2ZNIV0w_0gSoMlu2t8hiAmNF7F1KNjmIvv1bA3j0b__o_u54xd8CAAAAYFIAAAAGaAEHCgA_ebg-v62kpcUFBHR42y8q3aqdWkrmwLrT--umcbgRDyQ1onl6-IjnEafjslqcIA75sWS6Oim3e0O5I-wc1qOfmQLeLR3-VLqsWT7zUHVGbEjDKl1di3tVT6VpGJ8diIbgabanQtvbFMjNvbwty3-HFaPtIyRDPxhLimKKhMRlULyoYU97TDQITD3_AsqO6HHHc6wVIBn1bo-nWBaUKmwnMyPA5iw-tuPafTRHnGb83OQ-MspGOMRbfYwNG1RltwsDkExlCnccytnnajdbXtjKUVPjeAKrhR2_Pi8b49Szggq6iOcl3MzXL73mfS808XciKXdtS27DPR2nr7O0vVl43FvcRdIMAWe0WkFG-SJgDurVtp4SYRY-W-kgGzzgx9nA9wAhMj4ppMy0XQTj_mHz3HzmW-HUH9AIAw36SfM5J3L0A-TxxKAOOlKB_QtkfENuBkPzUh0nKYGc7l9PrXF-Aez7mkdbK3RQw0WoYH9pUcrSx7D74wSNIm0F81MTT0WbR3S5nC2V4-4TcYXO1H4Ozxhkn2e50cNh70xEI_H20_BwlVhoXu-Rr6kDvhCir1H5DgRA_21hFN1LhdZmywAQfn5x3Jka4fMjU1u0rDl_SICrG6WFFY7AT6p8vP_zgqvpUa7YhS0I6k7VYVo-869xpX27KHI8FUi5QQ59waFm3gFqUXkXVW6ucUp4HTxNYbEbHJBBzPW14PUfKw42teQcXA3neJlsQcE8FdhP-9ppL6aLs32az9ZTjhctR-C0O1R2K2aGHKr6U0Vty0SkPQwhOlZvnrVTnDA8KF-qLwzwJQFXog_TSeRC9coTBnxDTM-xA-1r0FGvmYifs1KtE90Qd3ZPYrZ7dLASdxIb-Idm7Mx0Z7pozlYA6E7kpWJarrwad3gqp16wPJX_v2GlUs22MxgNz_7-WUGHoLL-6BBXNBD0nzj89uWaB_xNYspINfQPmVLGuyn3GdtSE2DQPGFy7uAGXj4BZPde3fKQQc7zGepcniinW3KtsIIUxLlD3wcTcOuQiDRP43rntawaA8wl87ef9Z0pgi2Adq3cmHZ9IV8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC1C 0
0 120ms
119ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=475393238980696&bg=!Pj2lPWnNAAZsPphkTD47ADkAdvg8WoYejHFEAFKwgbb6UTwVGiodzlDGgo4iNseBZtTZ9jpMX9IjAGfGNTqqn2dL2O8RHT-vY5ICAAABglIAAAAIaAEHCgCtIDugfm2BTqeZR2rnEBqMOAn-hNbpzycydaiTIWM9gWY1ugQfTmKLUi-geVDbFiqMAx14BLRDqD-dyQ8JO6iGvJCc6OtKrXXTqCi2flPKCIIi69_cIA06X8cP8CY6fdXXBrpREIQM5-kQkpuQHZRRVniK-BdXMnadOOxD47yrGo6NjU21LM1nPmeA_pgwQylqgzmkCGRINSKO5I4A3S3xgMeWW0YghuovBL3oAVOZAr9E9qcCw2USOMjXB7U4T88cyLWyvxFFAdkqKPPLaUUIgjqLDrBEyMc8RSv2AxguA7jDVblzp57P2oI1CwuG3Tdf3yseLhfyy74d4my0Qxk--hgxbnEwcSFmFsms-5t1a5OcHEeOXVQKgR-FAcdflBj04CWaiULgHoVMKDdhOYDfWJds0ufg2lCCa68En62HwsOovfLPOlO1dsru0MeVtTi1Y6hGhYMwxSOkwfRWhhWhBA2Wx3EkjEFEWsYPKH10Vit-F-Tj_hACQIa5GqYBsWXjLySoluU7eo7Ia5hm0_3KZR_dZ52Tlgo1qvqLJZ-6FHJRxuxqq519udHyrZaZ8pNIzdGaFzeqv6mSrU-TYyaRSFeqXnjh8H0ivocv3eP6OtNKE2YygMVovpvomgE7c_B5nCk6UVaZpXv6D4bUcsLbC6KNdQ1wzl3p8BpYWkkk0ukNh2I_LrhUOmUTpMmDxgqYqzJUhvfumUo0oZZIIMKI_1IcYkMSMJzhG3o5R2xj-mqmT9WKMExL7XOj2uYFVGP8KL54iE4H0ejeEckiGd1y4nyXAW_4KUOOkl3v2IJzys_DcK1kTx0RzEE63NZlhTHc4e87qNq6ks7V6PrKhJLfPmcj8u4Dnaek0gKTYhLmMVuIWBvvF8SFnoHjoYjayHokahtCU129UiHCnj8xSy114E4qg0wTE0qXKMpZFUQMCWR3lGcL5bZHwP-fmBdvC97r-oKjPRpU5UnsKZ3Zyptk-DtI3zpsRIJay_YhrfP3mgU0oiAqVc0yiVUSwjht6-AaCSjJ1XV601snrBeew0xiAPqr81WLDeyp1VGtkw497dEx3fsPiYYI-Uor8YeooRGNDGv0iUJWx5NWb3DX4EHRfMvqb41KgWMff2Bw8EQX6l2GXS2VswkzNE1tU-DO1RefuzosItmCTBP6x-Q-z0Xr
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2EBE 0
0 119ms
118ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=1869000484982865&bg=!8fKl8qbNAAZsPphkTD47ADkAdvg8WqwL2RMIZoyuvRJ9k_2AOIdlKx0J0iWTUOvmbYK0kzi0l9-y-CH_miVDK7D9Hp3mXuxBwAkCAAABgVIAAAAHaAEHmQK3kTTg_FQudikD8d0q-An8p32qL0yS0JPS8uN5LQcIF3X7aC0Lonl7MY73FTUUaw0bR8qbxe10RFTU---vHS-3kiBi6zaWXAxceA2v2EVh8YGHvkA-wn30ERD4JuLpLolLwlI5bs59DQ4wJe8KdZ2KuCLxeglsteZ_llGqVE4-2jCaWGN2LkI5zpOJGPKW0s1StDdZeOOw_l4HNBjVqAI9nykIj-aL_PSgKQvVpIeLVgxyY_txj9SsS06p4UYaaMceseTyWLDf8YFT_CJH5BcChvP6NU-s9seZFT8vhQ7VDOlkNVfF13NfeOl3YC2ZqNkesEmkg6txVlAn1OHkeZndRCiMokqHhWgDyzX6wvIsWKC0R8WZAN18gRVdL-M_0IXzXY00MVk7a18so29A6ELLdAWZWjAX2VhrXDCZK48mG8JnpyW8Ffej6VIDslLPSlc_QSkAy3dbSEpikOBA3VQ82FDzlp2II6J6CPB60iw80Fmz8w_IBe85MBDjQiEF8ABclfkHeQarpOrP8sL-EB11lwQrQYO8dNxtVv6eBukYM0zTx9MoIdbZZQeVxDDIumOq2kGx0FUFEVAZLCyCLtQLFGmyVoh91fq4zmXzzpylN4beeqYYBI9-yfkLRycsmDdt1DjQpI7ndw1ct7Y6LboQ08QcSgKrlJtC3-lROOZMpeTE1JZn-c2QwPbFqaktFb2kZRl2tkAxbBq1ibjOG_2AyeV_RBAn8tPJjt_wZN09-MzWCM1Sk5ABQQ9LVi8pHhTzhuJUrZVb2QFr9DlRkLo8XA2LZvS01jFQs9tW4gpGIObt3KpvAG3ImF8uccRLoTossyV0c79p8PbYLjzAJ9TBNgTB-kl8aA5Uy4RTXsKCoEsGzBAMf_P2-EusWBJC5VmZ2sr37P2ierZ2VuBkUN_OmIqUuwrfcME
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C7D 0
0 120ms
120ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=433876379333420&bg=!k5ClkMTNAAZsPphkTD47ADkAdvg8WnMhG6w8kj2peGU5K2ki33Jhh4yZf_ANS6quuErZ54t6xmJtoM4teLZH1sSyR2nYfkjKxpACAAABWVIAAAAKaAEHmQK2Ym1SUPe27A-dobOx7BYHco_dSH3Bd-hRGESZFgCQQn3nyQplYX_5yxZDTsKJInqmknV6gk-gt_Q_k18w4LDTjKaQqd8htgC5uTQJnEzYsCFgZ9hKV6Whu9vu87Cq1IZfkw4s9wyvriFIfticFHQtF1KcY4mt_NsdpFw4wEkbVoAm5_kCpUPb29-7xZ7QQ1nYwpR8AJM7zQ8WWiDr-LimWnny_u0D8AywzPtRaS-Bz-6Ggf7y1OHOzElD3XIEvJJJghZmgnbofTBrFzdNCiF0paCYBMnGhnkCBx19O7irpNvSZ10Qo3GT4Y_u7Uafa2oPt9ePzlxL6wGl2JojV79yXREarK1inQ0UZZYHOGhxbLVIOn_Yqadxs2T9Z9eIcvc5X9zQnJ1tkMb5_k-iSthSPuDAzWAJP9eCO6eP4tJoetFOpB2tCaHFRjuvbLyF-LNxibLAZexap_FMNcyEGZCPyfvhsfXMLRQ-SJba7GBRWaRoveWq-anLfS6Fascc8c7PuNiGujn-Nf4seq5pHrQ-LAluALRghCrcuqgtIamL3_4ix6sE1kkCnx5pAO6Ihs05qCqnI7FOLF3uVDwKDMTjZ6pq--1YJG9Pxd3cezaLE1W_GQzeAJt46XO97gyK9jL-B5rjCHUgJoi_mXUGnhJm4sHJodSRhJNfNj_NJAUeaLrXZUnGu7SyeAy399wn17PSlpTN99LA-azb2RMOc25QS0_p0SpSwPExE5E3BYJpfH0UhG7F2xeGVaTReFK98JtA0GP0HpO1UfLGK95DTH1KQd2ErBWxcFhMPlTnhSTDtF2N59wb7E_D4bIL1tPGsUZHwAOda-lgIp1iWmvzvjVk31uuaUY2CgIVyR89pW8No7m5fV8ooKSvhoWAn0Qd6UbuaTjYrB6Z_WrvFga28CPcuPt1y0mY9w
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

request.php Show response
hal90009.redintelligence.net/ Frame B0C5
Redirect Chain

https://hal90009.redintelligence.net/request.php?zone=fq676ms9mj7a&nw=20&renderingType=javascript&namespace=c4f4803217&subid=&uid=4f251acb3c8f6e09&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90009.redintelligence.net/request.php?zone=fq676ms9mj7a&nw=20&renderingType=javascript&namespace=c4f4803217&subid=&uid=4f251acb3c8f6e09&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
937 B

588ms
161ms

Script
application/x-javascript

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request.php?zone=fq676ms9mj7a&nw=20&renderingType=javascript&namespace=c4f4803217&subid=&uid=4f251acb3c8f6e09&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5VcNeeO6ZPCHOdGdiQOM7arACJ7ZlqFp6auh-9sP8C4QASDSzIEaYO383YWsG8gBCakCyB5BCYOlsj6oAwHIA5sEqgThAU_QC_SdUf54i0eVqZmyqKI5UiJsj31NHjV1bDnqdejPhFCPSkal12KKuQF_9LDv6M6A_KajLjS45AQPpBES4yaqUu-kbllnWmjeTsXqmEs7_6q2o1VM4nmI2IAPWr2Pd7ao2OttufGL-tb-tYH6rTx4KAjwlINCj0uOBbIq2gahbIU4N6L8nWZXDtKGG1dJc31yUdN0hXd-XWE-KLxZxZeGzZLfltRz6GDtAaTmp9Psm58psgLRhCDU_-KgMthDlr-_NpPBTv5TwZR9Gd5hGzjIKqPaobTSbxfF_DS3BAYAxMAE1_WW0vMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE%26sig%3DAOD64_0RADwPz8eo19-Gx3X0PwkOo3wGkw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Bms_u8whGpFqiGCPNK6eohENoM4xHEVEe3A1J_ROgXMBVtg7__m8ZTzDTwuih6-ReCw3g5Z5MdPfP0RjlDrqozgUxs3ucNybq808Tys-dikuUYNUimZzKOEh_xinzL5bWUvL1FNYEbm6kevOp7JV7EJSXVXdQS8sz5r2kFrRkOmVESy-Q%26cry%3D1%26dbm_d%3DAKAmf-CmRdI2YoES5kqqR6OTlHeRuiBfwOgs2VH0Us8Ae659aghDcNWoZNjboohfE-WC5lMLDO5F-7l9yGPBIB--Id2EmbYHIpG0XKS-p_tz6E9Q2Bs5TAC8VvmiM5aEaiqMSJa8AWo0qY20hVlp4OFyH4iYSus8o-gmfT1DfJdgC32EIjG5GyVX88xY4bK0cfhf_jj9OLqmposilZpftUVqUco0M-GXTqNSeOk9ya-66O0rz-ccP4hx1lj3qYI5VQqJBZxfew4te3G7XuV8GRZXo0Uwfu47JRJWWKeQJOer6i6z7SI2WKOLZCK6OLqgZAI_O2ZPspioaHaDsLSYSdXqOSgKl1mpAUnSCApz3G6r5v_WOJNZutwC-_5S0dikWW7nOICeM3k5vjSOJI2E7aJcKUM2boIDwSeYv6Ns8piexH6LkvaUj02aoNfjzT2KfSiwGeGOcMRTEG51XG786XHU9y41Hch78VyvKyykoBrIO8t1LWv79cejigrHbJ3UUW70yBAjc2WLImpbQqKP6O1x9yWNRQ9DYGK2bqmqDCiT6lGs90eM7CVRpYgZE_ccodiV9iOwEa5qH49Jf4BEqVGXvEwamNnjoCrYEsL6TUKWSXYRbnhwwJQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6984843218241&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586
Protocol: HTTP/1.1
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 690aca2a97416cfa2c2db5d18f5500ece97055d2ec841b89552a17517166ed98

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 19:58:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92955200141994004452126012392009
Connection: close
Content-Length: 331
Expires: Fri, 21 Jul 2023 20:58:52 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 19:58:51 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=fq676ms9mj7a&nw=20&renderingType=javascript&namespace=c4f4803217&subid=&uid=4f251acb3c8f6e09&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5VcNeeO6ZPCHOdGdiQOM7arACJ7ZlqFp6auh-9sP8C4QASDSzIEaYO383YWsG8gBCakCyB5BCYOlsj6oAwHIA5sEqgThAU_QC_SdUf54i0eVqZmyqKI5UiJsj31NHjV1bDnqdejPhFCPSkal12KKuQF_9LDv6M6A_KajLjS45AQPpBES4yaqUu-kbllnWmjeTsXqmEs7_6q2o1VM4nmI2IAPWr2Pd7ao2OttufGL-tb-tYH6rTx4KAjwlINCj0uOBbIq2gahbIU4N6L8nWZXDtKGG1dJc31yUdN0hXd-XWE-KLxZxZeGzZLfltRz6GDtAaTmp9Psm58psgLRhCDU_-KgMthDlr-_NpPBTv5TwZR9Gd5hGzjIKqPaobTSbxfF_DS3BAYAxMAE1_WW0vMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE%26sig%3DAOD64_0RADwPz8eo19-Gx3X0PwkOo3wGkw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Bms_u8whGpFqiGCPNK6eohENoM4xHEVEe3A1J_ROgXMBVtg7__m8ZTzDTwuih6-ReCw3g5Z5MdPfP0RjlDrqozgUxs3ucNybq808Tys-dikuUYNUimZzKOEh_xinzL5bWUvL1FNYEbm6kevOp7JV7EJSXVXdQS8sz5r2kFrRkOmVESy-Q%26cry%3D1%26dbm_d%3DAKAmf-CmRdI2YoES5kqqR6OTlHeRuiBfwOgs2VH0Us8Ae659aghDcNWoZNjboohfE-WC5lMLDO5F-7l9yGPBIB--Id2EmbYHIpG0XKS-p_tz6E9Q2Bs5TAC8VvmiM5aEaiqMSJa8AWo0qY20hVlp4OFyH4iYSus8o-gmfT1DfJdgC32EIjG5GyVX88xY4bK0cfhf_jj9OLqmposilZpftUVqUco0M-GXTqNSeOk9ya-66O0rz-ccP4hx1lj3qYI5VQqJBZxfew4te3G7XuV8GRZXo0Uwfu47JRJWWKeQJOer6i6z7SI2WKOLZCK6OLqgZAI_O2ZPspioaHaDsLSYSdXqOSgKl1mpAUnSCApz3G6r5v_WOJNZutwC-_5S0dikWW7nOICeM3k5vjSOJI2E7aJcKUM2boIDwSeYv6Ns8piexH6LkvaUj02aoNfjzT2KfSiwGeGOcMRTEG51XG786XHU9y41Hch78VyvKyykoBrIO8t1LWv79cejigrHbJ3UUW70yBAjc2WLImpbQqKP6O1x9yWNRQ9DYGK2bqmqDCiT6lGs90eM7CVRpYgZE_ccodiV9iOwEa5qH49Jf4BEqVGXvEwamNnjoCrYEsL6TUKWSXYRbnhwwJQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6984843218241&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 21 Jul 2023 20:58:51 +0200

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 70FF 31 KB
10 KB 175ms
56ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 22:48:07 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 76244
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 21 Jul 2023 22:48:07 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 70FF
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

56ms
56ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13201
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37NzRVic26esqvD%2Fx44csAAWNBcZiehTmZxVOynOJ4xSELFDAbjUUYXFgXR%2BgIzHoszgt0N93jdUx5AzneULDX6vjR1SX0kuaycBeJ0BB8v8JyO5fw9orQTyjRkCuJHIVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ea605688b30489d-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
705 B 130ms
130ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689969531977&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1534&pt=-792469858&tz=0&viewable=true&ddast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dfrc_vA!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 466dcea7f843d95bd8cc1abcb455fffb13d7395f52ceba7c16727a9ec9b59a6f

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 21 Jul 2023 19:58:52 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1441
x-cache: MISS
x-served-by: cache-lis1490047-LIS
pragma: no-cache
server: nginx
x-timer: S1689969532.011770,VS0,VE74
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90009.redintelligence.net/ Frame 314B 4 KB
2 KB 266ms
89ms Document
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request_content.php?s=92955200141994004452126012392009&a=369a7da3
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=fq676ms9mj7a&nw=20&renderingType=javascript&namespace=c4f4803217&subid=&uid=4f251acb3c8f6e09&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5VcNeeO6ZPCHOdGdiQOM7arACJ7ZlqFp6auh-9sP8C4QASDSzIEaYO383YWsG8gBCakCyB5BCYOlsj6oAwHIA5sEqgThAU_QC_SdUf54i0eVqZmyqKI5UiJsj31NHjV1bDnqdejPhFCPSkal12KKuQF_9LDv6M6A_KajLjS45AQPpBES4yaqUu-kbllnWmjeTsXqmEs7_6q2o1VM4nmI2IAPWr2Pd7ao2OttufGL-tb-tYH6rTx4KAjwlINCj0uOBbIq2gahbIU4N6L8nWZXDtKGG1dJc31yUdN0hXd-XWE-KLxZxZeGzZLfltRz6GDtAaTmp9Psm58psgLRhCDU_-KgMthDlr-_NpPBTv5TwZR9Gd5hGzjIKqPaobTSbxfF_DS3BAYAxMAE1_WW0vMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE%26sig%3DAOD64_0RADwPz8eo19-Gx3X0PwkOo3wGkw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Bms_u8whGpFqiGCPNK6eohENoM4xHEVEe3A1J_ROgXMBVtg7__m8ZTzDTwuih6-ReCw3g5Z5MdPfP0RjlDrqozgUxs3ucNybq808Tys-dikuUYNUimZzKOEh_xinzL5bWUvL1FNYEbm6kevOp7JV7EJSXVXdQS8sz5r2kFrRkOmVESy-Q%26cry%3D1%26dbm_d%3DAKAmf-CmRdI2YoES5kqqR6OTlHeRuiBfwOgs2VH0Us8Ae659aghDcNWoZNjboohfE-WC5lMLDO5F-7l9yGPBIB--Id2EmbYHIpG0XKS-p_tz6E9Q2Bs5TAC8VvmiM5aEaiqMSJa8AWo0qY20hVlp4OFyH4iYSus8o-gmfT1DfJdgC32EIjG5GyVX88xY4bK0cfhf_jj9OLqmposilZpftUVqUco0M-GXTqNSeOk9ya-66O0rz-ccP4hx1lj3qYI5VQqJBZxfew4te3G7XuV8GRZXo0Uwfu47JRJWWKeQJOer6i6z7SI2WKOLZCK6OLqgZAI_O2ZPspioaHaDsLSYSdXqOSgKl1mpAUnSCApz3G6r5v_WOJNZutwC-_5S0dikWW7nOICeM3k5vjSOJI2E7aJcKUM2boIDwSeYv6Ns8piexH6LkvaUj02aoNfjzT2KfSiwGeGOcMRTEG51XG786XHU9y41Hch78VyvKyykoBrIO8t1LWv79cejigrHbJ3UUW70yBAjc2WLImpbQqKP6O1x9yWNRQ9DYGK2bqmqDCiT6lGs90eM7CVRpYgZE_ccodiV9iOwEa5qH49Jf4BEqVGXvEwamNnjoCrYEsL6TUKWSXYRbnhwwJQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6984843218241&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0ea4eaee6ad65c95b5b6871fe39a6c1b782ae17f377811aa49dd1cf3ef915dae

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1414
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Jul 2023 19:58:52 GMT
Expires: Fri, 21 Jul 2023 20:58:52 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0BC2 1 KB
643 B 82ms
81ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 77866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 22:21:06 GMT
etag: 48472445140208031
expires: Fri, 21 Jul 2023 22:21:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B0C5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 016891a59511f708b66804d5b5631172cb2e4fcfc92bfe8b582838feebd3dcf1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BC2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGM2yYWeB2lq6pzL9G3eCW8&google_cver=1&google_push=AaAOQGEvakmAIQQmrfAI4o0_CPkc7hHpZcPWt7rOrz0keaYpZD1vZtSvSLs6DbRTDYnZxHWB9mLztR9iIZKLdKf9jHTLrw0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEvakmAIQQmrfAI4o0_CPkc7hHpZcPWt7rOrz0keaYpZD1vZtSvSLs6DbRTDYnZxHWB9mLztR9iIZKLdKf9jHTLrw0RTcA&google_hm=eS1wdGhwbURoRTJwSE91aFZ...

170 B
188 B

93ms
92ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEvakmAIQQmrfAI4o0_CPkc7hHpZcPWt7rOrz0keaYpZD1vZtSvSLs6DbRTDYnZxHWB9mLztR9iIZKLdKf9jHTLrw0RTcA&google_hm=eS1wdGhwbURoRTJwSE91aFZISksuUEJXRDFBZUlDTWNXU35B

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Jul 2023 19:58:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEvakmAIQQmrfAI4o0_CPkc7hHpZcPWt7rOrz0keaYpZD1vZtSvSLs6DbRTDYnZxHWB9mLztR9iIZKLdKf9jHTLrw0RTcA&google_hm=eS1wdGhwbURoRTJwSE91aFZISksuUEJXRDFBZUlDTWNXU35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BC2
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEnNnX7s1uAjBpY5WL6cPwE&google_cver=1&google_push=AaAOQGECcBAUV-jcShuj1c4g2A7w7NN-3_Q580JJgp_mpoUelrFRoxC3kTqpb0tZp5mDjCXltjbABvqRIupEqJ4EZ...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEnNnX7s1uAjBpY5WL6cPwE&google_cver=1&google_push=AaAOQGECcBAUV-jcShuj1c4g2A7w7NN-3_Q580JJgp_mpoUelrFRoxC3kTqpb0tZp5mDjCXltjbABvqRIupEqJ4EZ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGECcBAUV-jcShuj1c4g2A7w7NN-3_Q580JJgp_mpoUelrFRoxC3kTqpb0tZp5mDjCXltjbABvqRIupEqJ4EZpqydoRwpg&google_hm=HBPOpGZH137QtPa7QKmAu-Ym

170 B
188 B

90ms
90ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGECcBAUV-jcShuj1c4g2A7w7NN-3_Q580JJgp_mpoUelrFRoxC3kTqpb0tZp5mDjCXltjbABvqRIupEqJ4EZpqydoRwpg&google_hm=HBPOpGZH137QtPa7QKmAu-Ym

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Jul 2023 19:58:52 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGECcBAUV-jcShuj1c4g2A7w7NN-3_Q580JJgp_mpoUelrFRoxC3kTqpb0tZp5mDjCXltjbABvqRIupEqJ4EZpqydoRwpg&google_hm=HBPOpGZH137QtPa7QKmAu-Ym
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BC2
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENC4dKRn91gvoNLzgljq5eA&google_cver=1&google_push=AaAOQGFLLuKjsPTK4eI-tMp3HfdtC1O9D_L9-LUGvw-SKuhv5ABLXQ8-RiC_24wyQRojMR-hcrhNcUPdogZXRNX7...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGFLLuKjsPTK4eI-tMp3HfdtC1O9D_L9-LUGvw-SKuhv5ABLXQ8-RiC_24wyQRojMR-hcrhNcUPdogZXRNX7kq2UfYpZ8Ws

170 B
188 B

93ms
92ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGFLLuKjsPTK4eI-tMp3HfdtC1O9D_L9-LUGvw-SKuhv5ABLXQ8-RiC_24wyQRojMR-hcrhNcUPdogZXRNX7kq2UfYpZ8Ws

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Jul 2023 19:58:52 GMT
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGFLLuKjsPTK4eI-tMp3HfdtC1O9D_L9-LUGvw-SKuhv5ABLXQ8-RiC_24wyQRojMR-hcrhNcUPdogZXRNX7kq2UfYpZ8Ws
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: dCVAK9vCiGHMLkn82wGogicabOBM0OyZF7O-m2CfA_Z2DySRP4XXyw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BC2
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJamBvYOUQtLIo4gSLnn6Vo&google_cver=1&google_push=AaAOQGEpwKrJb5ORKe_keFsrjfgOOB4zcL1QwsWJBcWEp-_Jt4Fc7rZrgcZhg-caWphAEESDOSBPlDQxA4Bb...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEpwKrJb5ORKe_keFsrjfgOOB4zcL1QwsWJBcWEp-_Jt4Fc7rZrgcZhg-caWphAEESDOSBPlDQxA4Bbixcy4SYdF4KKfFQ

170 B
188 B

90ms
89ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEpwKrJb5ORKe_keFsrjfgOOB4zcL1QwsWJBcWEp-_Jt4Fc7rZrgcZhg-caWphAEESDOSBPlDQxA4Bbixcy4SYdF4KKfFQ

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEpwKrJb5ORKe_keFsrjfgOOB4zcL1QwsWJBcWEp-_Jt4Fc7rZrgcZhg-caWphAEESDOSBPlDQxA4Bbixcy4SYdF4KKfFQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BC2
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFHuVGmj66lcCVv1AdeeJGQ&google_cver=1&google_push=AaAOQGHvDNt8vmQfHTqXIEcwrxe4OKUCAd9s9RenJT3sR6sj2OWL36CUPeVvQBvlJz3wXQ6ABnNlkuDBRSEyVP6Vb1ti2KZOIh4
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGHvDNt8vmQfHTqXIEcwrxe4OKUCAd9s9RenJT3sR6sj2OWL36CUPeVvQBvlJz3wXQ6ABnNlkuDBRSEyVP6Vb1ti2KZOIh4...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgzMTkzNjgyODU0MjI3MDY4NzA2NQ%3D%3D&google_push=AaAOQGHvDNt8vmQfHTqXIEcwrxe4OKUCAd9s9RenJT3sR6sj2OWL36CU...

170 B
188 B

90ms
90ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgzMTkzNjgyODU0MjI3MDY4NzA2NQ%3D%3D&google_push=AaAOQGHvDNt8vmQfHTqXIEcwrxe4OKUCAd9s9RenJT3sR6sj2OWL36CUPeVvQBvlJz3wXQ6ABnNlkuDBRSEyVP6Vb1ti2KZOIh4

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgzMTkzNjgyODU0MjI3MDY4NzA2NQ%3D%3D&google_push=AaAOQGHvDNt8vmQfHTqXIEcwrxe4OKUCAd9s9RenJT3sR6sj2OWL36CUPeVvQBvlJz3wXQ6ABnNlkuDBRSEyVP6Vb1ti2KZOIh4
date: Fri, 21 Jul 2023 19:58:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BC2
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELkjmBbeJv6hzMFH2Zn0Bms&google_cver=1&google_push=AaAOQGFM7Nj-Gpb5MAgd8rqCW9mduw7g0PlCrnrkUyqClXtJo0Ol984wlZE41tvtgX...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFM7Nj-Gpb5MAgd8rqCW9mduw7g0PlCrnrkUyqClXtJo0Ol984wlZE41tvtgX3NNXi6QZqjCUQmBiHdKe9eIX8rmmutv1mT&google_hm=jaS...

170 B
188 B

91ms
90ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFM7Nj-Gpb5MAgd8rqCW9mduw7g0PlCrnrkUyqClXtJo0Ol984wlZE41tvtgX3NNXi6QZqjCUQmBiHdKe9eIX8rmmutv1mT&google_hm=jaSKMVYRT9eBcK6tw80FKFI

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:51 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFM7Nj-Gpb5MAgd8rqCW9mduw7g0PlCrnrkUyqClXtJo0Ol984wlZE41tvtgX3NNXi6QZqjCUQmBiHdKe9eIX8rmmutv1mT&google_hm=jaSKMVYRT9eBcK6tw80FKFI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 0BC2
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGV2lp0I4zsW...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFd01ER_2BGZZvlfhSdRciK8r8kC-wVoV0Zq9brDGUwPtOIwcwSpStgKgmMNc8xM14NtHGy96UteZHbxD20v9lukgpZVFNM
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

108ms
108ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689969529&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689969529150&bpp=13&bdt=1099&idt=523&shv=r20230719&mjsv=m202307180101&ptt=5&saldr=sa&correlator=1938863832960&frm=23&ife=1&pv=1&ga_vid=332428311.1689969530&ga_sid=1689969530&ga_hid=1292689794&ga_fc=0&ga_cid=amp-k5iKkzmpM38r8PqTE5g9Yw&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4075907894&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076087%2C31076159%2C31076251%2C44788442&oid=2&pvsid=433876379333420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.em6ht4pt7ojf&fsb=1&dtd=586
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 21 Jul 2023 19:58:53 GMT
pragma: no-cache
date: Fri, 21 Jul 2023 19:58:53 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0BC2 0
12 B 89ms
87ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqFw5buDRDfiYDSjedY5NPG5mMbH5Y_Ym2HMmLCWFXY4klH7bUuJIqPWgWUuCDfrA4lp8n0ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 70FF 975 B
749 B 57ms
56ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 416
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sckc8sdYIVUaFEDuWn3Fr7x0SsDd4nlC0Hcl4DPhIIvqflSLWXDl71Rm668Xxn1XUFKC2DoZxkzZiNXWTWtwYXALB0qWeRKH0TqU9IJeVdn%2FL8braw%2BNv6tuYO%2B83%2BE3Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ea605698d46489d-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 70FF 661 B
1 KB 743ms
207ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.5671284991653023&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:53 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: e829b5e3-22a9-33af-b0c8-29ab84501113
X-Adtype: html
Connection: close
Content-Length: 661

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 314B 77 KB
77 KB 421ms
134ms Image
image/gif 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-336x280.gif
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92955200141994004452126012392009&a=369a7da3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:52 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-13517"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 79127

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 314B 0
150 B 266ms
90ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=92955200141994004452126012392009&a=7ccff879&vb=m
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92955200141994004452126012392009&a=369a7da3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hal90009.redintelligence.net/request_content.php?s=92955200141994004452126012392009&a=369a7da3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:52 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 314B 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame ED5B 80 KB
27 KB 149ms
148ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cab2e46884fe7fb5f4725ce61edae59565e9b5f54e67771c86d9df43f886d219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27572
x-xss-protection: 0
server: cafe
etag: 927 / 19559 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:53 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame ED5B 385 KB
122 KB 78ms
78ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3520
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 19:00:13 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 91ms
88ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=8764&cid=amp-k5iKkzmpM38r8PqTE5g9Yw&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dr=&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1689969529&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=7526&epn.domain_lookup_time=13&epn.tcp_connect_time=550&epn.redirect_time=0&epn.server_response_time=501&epn.page_download_time=1&epn.content_download_time=1092&epn.dom_interactive_time=1092
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 82ms
80ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-k5iKkzmpM38r8PqTE5g9Yw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=7526&dns=13&tcp=550&rrt=0&srt=501&pdt=1&clt=1092&dit=1092&a=8764&z=0.6386652643142161&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 12:34:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26646
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ED5B 27 KB
12 KB 282ms
280ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3867402177371232&correlator=123875403284812&eid=44797784&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1689969533606&lmt=1689969533&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=5nyr1x7wluq6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1229393605.1689969534&ga_sid=1689969534&ga_hid=1561449213&ga_fc=false&dlt=1689969532383&idt=1200

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d73acaca0a076fdbbcc14a566ba0fbdb3d7c7b51b189e8ef0ed5aa645b15ac8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11967
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ED5B 15 KB
12 KB 135ms
133ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d4846f9279b04a75625c1b8b5f2b086eaa29b148249266cd92aacef43d62cdab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11851
x-xss-protection: 0

GET
H2 200 container.html Show response
6aa81ab3a1192fab318e5b95e9976245.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0335 6 KB
3 KB 102ms
86ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6aa81ab3a1192fab318e5b95e9976245.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:53 GMT
expires: Sat, 20 Jul 2024 19:58:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 314B 0
150 B 266ms
89ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=92955200141994004452126012392009&a=7ccff879&vb=v
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92955200141994004452126012392009&a=369a7da3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://hal90009.redintelligence.net/request_content.php?s=92955200141994004452126012392009&a=369a7da3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:53 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ED5B 17 KB
6 KB 90ms
89ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 19:58:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 389B 13 KB
5 KB 81ms
80ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:49:00 GMT
expires: Sat, 20 Jul 2024 19:49:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5848 783 B
537 B 88ms
88ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

GSE /

Resource Hash

629972b58d4e82f0acc063f1701cdc9a62db61480bad4ff005fc6ddf6818dc55

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3VQRotXGEh3P2x-9UW8XGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-3VQRotXGEh3P2x-9UW8XGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:58:53 GMT
expires: Fri, 21 Jul 2023 19:58:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63E8 0
0 117ms
116ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu45zw1Hx0UvniI1jVHwlEQAk8VSG4te9uSssnP4SQ1gNppl3LXUaEBXx-KYCJ1v8wGVpVqozChqcvFLOa4oYIUW5-rOLW4Ad9ec_UNlGQWN0ug1EdHV98UfZCj9Cw5PewswxrPgpbNXbk8zY3pxj2bWr5xcs9xZnSUyrf2WLYp4DgZ5We1Ykybpy4o8R--eXK5_oyrvr132fMZyToDR3VsMHOAL8q9lykfPHouBGyFJ2DXLVjxwKa5jHMIEM68-EVM7WwGmbkWo46g0zePO8Ir3wXFDRUR5F_fi4mGm6waBYIR5u1BgRvq3YCKXSOmQ_FI49BPjY6C80nRjSU&sai=AMfl-YSn_VM7oKzZqu5uv2wFNEu4MSVpHUq0AWnYDVN-scoiOToonvjO63-TkuQ9xK80MPd6_ONKkiRBthduZ3tYaCgObykQarP_ZwYccg&sig=Cg0ArKJSzJJaT-6gLSeiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 63E8 31 KB
10 KB 58ms
56ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 22:48:07 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 76246
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 21 Jul 2023 22:48:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63E8 179 KB
56 KB 136ms
135ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5848 0
0 116ms
116ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=3867402177371232&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 389B 37 KB
14 KB 80ms
80ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 63E8 80 KB
30 KB 283ms
88ms Script
application/javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: M6APQD13JX2D3G66
age: 297
x-amz-server-side-encryption: AES256
x-amz-id-2: D9feVbKwOXvUMECXRlqwiUOxW+pF6eUdaKu/Pfqkc5HzIZkjQSDd+Pruu+GaGAxu66JrOgWDdLc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 63E8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5edb67df3f803dca4257df7585339f18b4381d383fca47a4b852fc416908202e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 389B 0
10 B 80ms
80ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3DUsZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 63E8 290 B
623 B 333ms
99ms Script
application/javascript 87.248.100.137

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 21 Jul 2023 19:58:54 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 11
x-xss-protection: 1; mode=block
x-request-id: 8f1089c2-3e5f-4018-bcbe-b884d77325d0

GET
H2 200 b
geo.yahoo.com/ Frame 63E8 43 B
826 B 279ms
94ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:54 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0C5 0
20 B 116ms
116ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2939355138142&version=m202306200101&ct=77&x=1&cor=18171757964449618000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B0C5 42 B
64 B 120ms
120ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFxvG3vGJAF5dJIoYNTMswlVOU7k1VW7PTUtSilRXfrjGvTmZPYNthxLok0m7gdYbFycG9M6VmQGdeorcG5Ycs3RnX3qmmegvenK8g7F2HPOXYLqBRlFVdZ5uaYiA9ExM&sai=AMfl-YQp2kPWln_ooKrc7vEhoRDNendGOBim8UhVo5ZExuhNkqjD939ws4R8sBfcgMx96N-F6EG83wC41Zt6K6j4KE6bQxuu6PIE92Y&sig=Cg0ArKJSzIdrVlIFyOi4EAE&cid=CAQSKQBpAlJWaGkLOVvl0FTuYQuIxr60EPTsH6tcJ0TPp-9XNXv12JLiTB-QGAE&id=lidar2&mcvt=1008&p=0,0,280,336&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=758607166&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689969529737&rpt=3813&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED5B 0
0 121ms
120ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=3867402177371232&bg=!UlGlUQXNAAZsPphkTD47ADkAdvg8WqNFCQXadpMj6CjOfb2WINHnMtPZsoBM3y5yjQf81b-7xTLRc9RBupKkhormzkk3lmzSpMUCAAAApVIAAAAFaAEHmQLva9TMAvOP7du9YVlEhGLh6k8dXKO_zQF3HBJBY4CrQWfeqGkEYeIRdgnRc1_LpnAOyhfMiTsmkmhuLKAmDCMo7e7ONv2zQWtuRKiWDvQnV0j5cDja16sc5GZvW84yo73h1FXZjoX7QxwkVP6pXe6HX-l2EKNxmdCEwUA_bmHnn9O4ASAVIuIQO-EBWjE85K4Q3ImoW2mVP91KcZQAnrbSYDRlYXYqiSn4htPK6b2IhuTC-pb4sbK3oc-IQbAOwU5WJDciyZq1YM0CJTphC8i2clgC9GfnArJ8qDTAiUozIrMY4d-l1z8tFWaNhyt1no5kB5FBK83owI4LZzNu-e7sMNCIIZx8Bysm2-RYqRP6jWG0oupcMtsjFlgZQfPAjZ8B2cU3N8ECIOY2cq1iZ63nDHX5mqkwXKzmjFPp661WjeqnuzJVwWBIirbbKQ7mPGB7bqUw3gv704CSeH9ybVtupYzg0r6KJyvT3R6RKV_o9HR82-nneLJ52hu452pWlZlm7zug7l2SGJTs__JxBZlV2IEwQV3bxlK-U2mbhMLb_H11awZl-aiKUu6rkntbb7CQF2q3zYUy95Psv59Gb13CxhITGDSnPv8NcrWODnw5KEVU7NiLsvIN6jnIlM6oAOjFTYfZsdP1j5kRPGMeRHq2m2KGFsG0YAb_gyI68TlzhKDLxk81l16qikUvzAjWVEKmIKRx9a3wmWTS6diHl0aBjnb4oc7CLBy6AmqBEO4CmJ6O4I5bcuLOQSVMTnNrzaXZaaqhV8z4bA4D2eBydvxEI1rfiATgktd8nglMHWAh8y7toC3ZlcwCpeU9LlB_FUJkhMmxByI7Pp_NxCF6z1tyD9JSrsjqRILvpbcbnaafoDKWK48xqTxpjYeM5N1L6IWy9FpYA6GYaRwkcsuNH-4HePM_1KFN_LOo9ZoohsVuCs7gWjoRyL_qXZKxUhM2KIOrnVqRPJQw2HTAZ0ZyR-hrCkq6mJ4qkTXWNfNn3RjnAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 63E8
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

78ms
78ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13204
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lo%2BaplF%2FuJ2HX4qo2612fKaQ7yj44FgLPNAARoUppp6NqruB320hMrnlYvPpcGnKJU3IlTy1SrcFDj0zbi9EsxiORbAf7LWQ%2F5GwYl0O4qa7hSo2t6pA3I3A3KQky6MKXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ea6057b687d489d-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
784 B 364ms
116ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689969534979&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1534&pt=-792469858&tz=0&viewable=true&ddast=V8wq0CLAYomYe9Hr8p8xFQMg97PX5T5isAAABgYID-AEmZnCPncuVaCza2wVq0sa3cEtfK5dYsV4bhbjFYDmfGISApk3PkXK5ca8HGNliLNraVW-Jaudya5cow3C0Gy-HMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQCscjBgp-fit_sDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAQEPSAMMSbFyJzYkUnBZhBAAAAKBA01XqyCSdoGJR5f__v98KwBUAgIBEPQTGnCy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHSCEdKEzzBlaLmFxAAYM0vIAAAG3UDAPBGAE7QCYDVCYjZAQAAALjz____rwckRsvBcmUxLUyTlW9mmDmMm5FrNbH5Fr7FaDWZeY_qGyZYIenPaZ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYGe1Wu9nGtpasXCu3aDGyuJUbk8utcTk3ltXC4bANd2vR62O6WEyz4cy3RYIBSXuRPC3SicJiWQxWlsnEstjYPM6RZbNxjQzLicuxsFhcJtdELNGcLNKJ7LJvjJaD5cpiWpgmK9_MMHMYNyPXamLzLXyL0Woy81dGu9VutrGtJSvXyi1ajCxu5cbkcmtczo1ltXA4bMPdWvT6mC4W02w48-0bs-FyOVuuJrt9YzZcLmfL1WS379AZvqvP2agsqyQfneXrmz7ENqdB4TJYvM_vRRraGW1Gn-Yrsaie4pxnYhX6_X6_3-_3-_1-78Zs8BgMhplHu02MXX7N5qc8arwHgyKWCC7SieBhdjtML7fE59n4LWKJ0nSRTvQKv9DhdMsddrfmYXcrH26hw-kWPexuycvuFv1db-nD7hb57T670PQ2W8QSwekinYhextNF_UcMNVesRnPFbjQXTlYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1TgczmU0Gu9VyAVwEZekCBgEAAAAAACjW2GMN8DC7HaaXW-LzbPxWBiDBnMdss88IYq1WyxoAAIAANgAAgABuuvEmEIuJ-____x8HAABARg49AAAA-n1AWQAAAAAAAP8AVIi1Wq1uN9ZqtQA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dfrc_vA!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 394498f935272797b1683f43bef6d876bdd4ee30870ca63b5888bb4df55d0aa8

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:55 GMT
content-encoding: gzip
server: nginx
machineid: 1412
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 63E8 975 B
747 B 55ms
55ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnakHYm4YADRDZEikKgGDpNK4sv2VjKjQRT2%2B4LUcOo9JaJCY1AY1TyDMC3JReKsyhpTBClBOhKVrpH6dDy5nE0QJVcXU1bDjzlvXM3qMtxKCAjENgB%2B7lhkpba7I4iKBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ea6057c39dd489d-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 63E8 638 B
1 KB 217ms
217ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6592908179623851&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 19:58:55 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: e829b5e3-22a9-33af-b0c8-29ab84501113
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63E8 0
0 283ms
119ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC93qSxNeO_yRUEFj5cyr2dLaP0z-CbkDml9KXNNdPK6wE0t532mgjwI5NleGOVkK6HbkSP4hnEoQwrPqwfKG5m2JzbxtZhrIas7SHZyNKWaSE4TDkFfY8yWZboMiQ52vL1otl-H2AQKegAJBerpW7s8p87VFOJSiXpc-lg-uhep8fpKGBDq9vmLOE7uUmiPJc-M_xupRAduMEKr-UvcYfsYKHm3F3XX8anRXKeEFELKXyMRGhvC8y4W1cgIn-rTEjf4keUKD9_jfZwqA6iIrO-vdPiqvFfe6OIk2ke03_yw2dpEKzlFbkPKafg-N4wawpSZcHi6gabbA3dorKHw&sai=AMfl-YQaH3CVc0FvvUruyBfFebVoFwrAtXyjZ_l130UBLkgYq911bn7EMi4pyYfmGGGdzLSUNDpS3FriPzPrW3mZe8yFOfvatO5QQzVTnA&sig=Cg0ArKJSzFGoHtg0dv6REAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 19:58:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 912F 143 KB
49 KB 133ms
132ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2f6b582e8214f03c4316ee294441bbba7bb29a030e912db841fd894e67c835cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50520
x-xss-protection: 0
server: cafe
etag: 12631764081069581227
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/ Frame 912F 360 KB
123 KB 171ms
171ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e72540b4318ece9424f68e731a6996392ef8a397d443a8ca12af59bc2df7998c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126224
x-xss-protection: 0
server: cafe
etag: 17824336687756939693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 19:58:55 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame 6365 10 KB
4 KB 77ms
77ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 10641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 17:01:34 GMT
etag: 12368291122986407432
expires: Fri, 04 Aug 2023 17:01:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 75ms
74ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37j0&_p=8764&cid=1670723785.1689969531&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1689969530&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 19:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202301/4f542554f89695ce4a027aa056097118.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/18a7e3be6b270092f19ff35dc6a97ae7.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/049c7f4ad5aad60f6fc042df982b6d22.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e5005c5308bc7c9467fcbd7e627d95de.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/1f37b8b29da65bb7711b25e687d33c61.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202202/82ab7bbe57b8b8339f37d9d152f4f574.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/09740c668fb27baf6b9563471727d285.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/e3822bcbc627f799d99bc89b318cd464.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/29a5314c3a1d44ecc1089d22a8ed1104.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/5b59010017b3fe303e1159af72427cfe.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7156afbc3a3f4005800ed4e4b8ee8229.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202010/9346a255cd2c5b88a55511248e9dda6b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/5eed160f905dbd9bee18c9ee6a31e3ee.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/587541147a553bd94cfc1e718b71021c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/8f8d71d78c948a341dc713a437efca80.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/4041dccd2d6c25556233d27a67ee8da9.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/35c1505224bf70661848f4739132f505.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/97a4c40e47890e6e884e05c2a5048a0d.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/0e556532c7853e54be9bd48ec6276007.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/502b73ece4de97fa8352f5eced740110.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/880e71c53cc80a41380d15c709a0a5a5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/841c21cc915a6c3e69d41b637e4e3023.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/09827277fd64d89a1a5afa7d40d2133e.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 22:11:45	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D247576c6-2e5e-41db-9cde-ce9c25aaa687-tuctbb468f7
.aralego.com/	1970-01-20 22:11:45	Name: sspid Value: e829b5e3-22a9-33af-b0c8-29ab84501113
.www.bg3.co/	1970-01-20 14:09:21	Name: _im_vid Value: 01H5X0H4CD79XX1SF7FHDY1EEV
.aralego.com/	1970-01-20 22:11:45	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:11:45	Name: gdpr Value: 1
.quantserve.com/	1970-01-20 22:56:23	Name: mc Value: 64bae379-7b669-5f709-11cca
.bg3.co/	1970-01-20 22:50:38	Name: __qca Value: P0-1609294263-1689969529124
.bg3.co/	1970-01-20 22:47:45	Name: __gads Value: ID=1d1a141afb3c27c6-2209e6fae0e2008e:T=1689969529:RT=1689969529:S=ALNI_MaFbes1HuyHldkrv4wqyY_ug3_8NQ
.bg3.co/	1970-01-20 22:47:45	Name: __gpi Value: UID=00000d0008d88993:T=1689969529:RT=1689969529:S=ALNI_MbiC8uMNnMAWNLUa4QKJl4nZkPAPg
.doubleclick.net/	1970-01-20 22:47:45	Name: IDE Value: AHWqTUlXGeSYZ2mLXmvFwPiQxPkxj64uEPHzJkqwHVDtCAosZUQojldLyNZ_bgrZvX8
.bg3.co/	1970-01-20 23:02:09	Name: _ga Value: GA1.1.1670723785.1689969531
.bg3.co/	1970-01-20 23:02:09	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1689969530.1.0.1689969530.0.0.0
.redintelligence.net/	1970-01-20 15:35:45	Name: 8lcfmzhxc8d6_uid Value: f147769bf365e52e
.adnxs.com/	1970-01-20 15:35:45	Name: uuid2 Value: 8643963889410503393
.adnxs.com/	1970-01-20 15:35:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImTuaNWJ!@wnfH8K6pQK`!5=E<L5?%M94A6[viEtjx4Z$Mofx8kxZ-%n:AU(v^k4]iFbpRzqF1`ba0<*T5Zj
.yahoo.com/	1970-01-20 22:12:07	Name: A3 Value: d=AQABBHzjumQCENWHyHOluCAM_AsCa_LetMQFEgEBAQE0vGTEZAAAAAAA_eMAAA&S=AQAAAvt_uXWhW-hL6EhvAQthY-g
.ctnsnet.com/	1970-01-20 22:11:45	Name: cid_8da48a3156114fd78170aeadc3cd0528 Value: 1
.ctnsnet.com/	1970-01-20 22:11:45	Name: gid_CAESELkjmBbeJv6hzMFH2Zn0Bms Value: 1
.lijit.com/	1970-01-20 22:11:45	Name: ljt_reader Value: HBPOpGZH137QtPa7QKmAu-Ym
.3lift.com/	1970-01-20 15:35:45	Name: tluid Value: 2831936828542270687065
.casalemedia.com/	1970-01-20 15:35:45	Name: CMPS Value: 5192
.casalemedia.com/	1970-01-20 15:35:45	Name: CMPRO Value: 5192
.casalemedia.com/	1970-01-20 22:11:45	Name: CMID Value: ZLrjfZXpwGFPe29KjMfCUQAA

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202107/5b59010017b3fe303e1159af72427cfe.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/e3822bcbc627f799d99bc89b318cd464.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202301/4f542554f89695ce4a027aa056097118.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/09740c668fb27baf6b9563471727d285.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/29a5314c3a1d44ecc1089d22a8ed1104.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/18a7e3be6b270092f19ff35dc6a97ae7.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/049c7f4ad5aad60f6fc042df982b6d22.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e5005c5308bc7c9467fcbd7e627d95de.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202202/82ab7bbe57b8b8339f37d9d152f4f574.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/1f37b8b29da65bb7711b25e687d33c61.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/5eed160f905dbd9bee18c9ee6a31e3ee.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7156afbc3a3f4005800ed4e4b8ee8229.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/35c1505224bf70661848f4739132f505.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/0e556532c7853e54be9bd48ec6276007.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/4041dccd2d6c25556233d27a67ee8da9.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/587541147a553bd94cfc1e718b71021c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/97a4c40e47890e6e884e05c2a5048a0d.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/8f8d71d78c948a341dc713a437efca80.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202010/9346a255cd2c5b88a55511248e9dda6b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/880e71c53cc80a41380d15c709a0a5a5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/502b73ece4de97fa8352f5eced740110.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/09827277fd64d89a1a5afa7d40d2133e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/841c21cc915a6c3e69d41b637e4e3023.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvaGFpLW5hbi1zYW4teWEtaGFpLXRhbi1yZW4tdG91LXphbi1kb25nLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64059a5cb5e839c3f5867792d753ef94.safeframe.googlesyndication.com
6aa81ab3a1192fab318e5b95e9976245.safeframe.googlesyndication.com
ac407007446ee6ffd2bdacc63df868fa.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
audiencedata.im-apps.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
d-190438802479474407.ampproject.net
delivery.adrecover.com
dmp.im-apps.net
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90009.redintelligence.net
http-intake.logs.datadoghq.com
ib.adnxs.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
ius.ctnsnet.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rules.quantcount.com
s.ad.smaato.net
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
sync.teads.tv
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
static.bg3.co
103.231.174.251
108.138.36.83
108.138.7.45
13.114.150.222
138.201.63.116
138.201.63.149
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.174
142.250.185.65
142.250.185.66
142.250.185.78
142.250.185.99
142.250.186.106
142.250.186.129
142.250.186.162
142.250.186.34
151.101.193.44
151.101.65.44
162.210.196.208
172.217.16.194
172.217.16.196
172.217.18.2
172.64.203.13
172.67.71.254
178.250.7.13
18.193.178.232
185.106.33.48
185.80.39.216
185.89.210.90
188.125.72.139
192.96.203.13
2.19.126.145
2.19.70.117
2.23.209.46
216.239.32.36
216.52.2.91
216.58.206.33
216.58.212.130
216.58.212.168
23.35.237.56
23.53.40.162
23.97.225.52
3.233.145.162
34.120.96.193
35.186.193.173
35.186.215.140
51.89.9.251
52.192.246.101
52.212.161.120
52.223.40.198
69.16.175.10
69.173.144.165
69.173.151.100
74.125.133.157
76.223.111.18
87.248.100.137
87.248.119.251
88.99.65.215
91.228.74.166
95.101.149.233
99.84.88.111
99.86.91.52
0045445d23c25ebb4c004bc94ffd147a58c6e999531a481db01c015f5103548e
016891a59511f708b66804d5b5631172cb2e4fcfc92bfe8b582838feebd3dcf1
01a5dd131c20db2b3c0ad38680265ebd5f15a3991dc695f6cc4ba98c4fbef1d9
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0441172eb51a61cb9201f2b8261890422cfdaf3f89517fb552e8e6803242272a
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
085ea814748c60932991fe901e53342313390e073c416d2d700c0488b3c8170c
0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba09039ddead4e5786e8ac622b4429213a762d0ae478c53e593f1f5ded1b035
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0ea4eaee6ad65c95b5b6871fe39a6c1b782ae17f377811aa49dd1cf3ef915dae
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1699a7748e9a5e3ce1338feb4a59dd6a4353ca0ed71cefdb3174141457fbb221
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18f6e93b6e1ac6b3971bbf06396514d80559a3df081ae53f7f59860b878d6e91
1b611a3c0bebba3ef5cac63c3726f77378edf28008d2befff552fa7a8926772b
1b771e6b9392f5a4e0d3ec1f63f18c0d7d93e798db9e1b7772ae64d665deafe5
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2f6b582e8214f03c4316ee294441bbba7bb29a030e912db841fd894e67c835cd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6
31a9b23d7c28a75109677875e40c9578a55301fec47cd4aa80b9879449d2bb98
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34c8a9ad52bb9f58c2af2af7286cad73eca7a18ce1d6c43d0bd6b9f41bbd8206
394498f935272797b1683f43bef6d876bdd4ee30870ca63b5888bb4df55d0aa8
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a66bd3cd6b865c61f9c7bb5c805f4a5285b67032ccd032eb7e60d072addc36b
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
466dcea7f843d95bd8cc1abcb455fffb13d7395f52ceba7c16727a9ec9b59a6f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ac9d1086017666491e569d3e665a47d5fb8e9885e054f27be6367fb35a4c9f9
4ae2a06a20497b4f5d370f5f9953a35ae67c35e24d4723d7d156b90ce5769da7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4ba2a5f2d74cd9941d09d0da725f620af02aabea20a8f489391240df67552615
4c72a836b84a634d453a61083ef8ab26c4558ba4b310fdb4df1e86ddef6b2fbd
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b74de96ea01b6ea69a1d2c67e60d111220f21311a901e9f80010cb96786e10
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5748ea3477997b95e9d7ddb05f17a67832f44215a7ea6307d0143404a1757b99
590c499aa8deed2f454d80bc7bab53cebe70bdb16c3ecf93b63e3f0fb9dcb560
5963f847b5712f4c376a9ebd356d111dcab54ed1806b5249cb51db3328a5c52e
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5a665354e817890ceaa48988aa784f59042a95e0ce3a239cf9d10379c65ce3fe
5ac2be8dae68839c33a4d5a6d220b33f448a4588041b4760475a1fd920a57b92
5ce36fbb879fc8ab681043901dc030ea886684ff82c42bac3a2516c95ea0b3ec
5edb67df3f803dca4257df7585339f18b4381d383fca47a4b852fc416908202e
5f9e2d42205b6a1c720cd33802edbad14351854bc4425726a291e9baed286a6f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
629972b58d4e82f0acc063f1701cdc9a62db61480bad4ff005fc6ddf6818dc55
662c0a0fe846a3bdb9758cee8134311d46ef07b8eb6d42d05c1396ec4cb6027f
6692d8a5a14b43ea79f4f2c831f0efacf19cdc9915516dc0a4d883457ce89cb4
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
690aca2a97416cfa2c2db5d18f5500ece97055d2ec841b89552a17517166ed98
697a485d98d08e27bff197276460857929881b7ce97704e5ca58da9c244113b1
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
709eb32d77bcd6a1650cdf7a77d2ec47b2e6dfbf3c427e7dbed7c4b3f5f13120
70ab2d341fa0c21f175db615c54472e608069d5f92677ffbe46f7dd9f2a30c2a
745f14ded4741f46890f8c1569a35a509ffc9bf841baa6097898f2e145fbc554
7a4f2de624e33affe18f01a49391243f02b0cd15f9c8c3414e3b32b76536d872
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7a9c74893bef37552b92e10bd29b691209b986e705a6242e56b9065810bfa859
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
86d1272ba0e86c843b074854c22d267b315d1986963ace5d0314ddbdcd4a22c2
8c0d448d9b49d77b54f2274d3f6c3f7b204f45cdf6d8a12dd9d4006efb95d380
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e51089d22c99aa4d9196e60c2d527a2352b8a139fb3ca86e89cc9fa2c1b7a36
92818e7c74834070b0770d864c66399f15d77bf6d19f8b78c5c721938ff930ba
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
932e6dec5caab7bdec544cb9a595f5105f8a3279e4d943be595f15bab07f43e0
94da003bda75b20ba4c418f3046cab50af4113bafac2d9c20f184096f6010c25
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0ff7c16f80e3fca74ec3545cb5004772212e393f48d7f862ceb11820356323
9c146df9242b5fafd2cc099e8b93b17e9a8fd380efc67ebdc82018d9dd8d0963
9dcf8abf06f74792caf9b0eb75556568165e119a2273611136f0436d652cdc45
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2f63a4e15c229a5b68d93bacb7f056e34d7f76c9308a48698b116f98aec5dd8
a372226393e05439e9f4ba09a53b0603b0f84320f166cb8f79a6b749a4eb02f6
a3d3dfd46fa4833d6953004333dd6239c72d056cba3113e335920f775424fca0
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a483647e3045f6f8835b3cba32fde7c4a51d45be87661f5b74a0a4277e6af7fb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55ddc91ee38fae35166a00550740831117f858fcf23dc9792c9f61f1c9ae5cd
a61bec2879f030475bef373d176e9b89b6b153914d26114601324bea1236d481
a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c
b029136f9fa7b4bb3b612bcf1181b4ca45dcb92191b0e8adaa93f202534296a5
b113baa1a8a720263c51ab0c3866a585f75aaaebebd156e7991b7dd03b670e1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6254a4a16a3e6d4818042ae58d978e69b6bd8cd6a856b028c0eaec63a83b7de
b6815a4f5f99594a7df132c1b99093129a8854628884906dad7d1efc105b5fc3
b9f788c0b2770cce11ba8c9b1ba7e1be565c9d24e267c23d2e00d5bfebb7dfe0
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9
c027a897b8507f49977d5016626fe1da42a2b8a704ce8d5c89ce59159d00825e
c2d9d5f3e90407d633a8733e96cb7a33856d5dfe4490aa90c7edb2f9a360fa13
c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288
c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628
c6ae095d4e99879283af272733c43781ad19c5451eb0fa8d2d502fa2bff78d06
c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed
c8f1724bd314bb1545a4155a2a52edcf6bedd5717cf18fde816f9979e8fc8abb
cab2e46884fe7fb5f4725ce61edae59565e9b5f54e67771c86d9df43f886d219
ce3f16fdcb4ddab782f38b4895e6db8158e1e9125a326ec3a15e4754852ff610
d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c
d4157c995bbcc7922e7e1df182e85408f57447d55f7beb65fe115ec389781be6
d4846f9279b04a75625c1b8b5f2b086eaa29b148249266cd92aacef43d62cdab
d6121e07d79191c555920cf3208f355248345fac3eb3ed549e407f97303d0395
d73acaca0a076fdbbcc14a566ba0fbdb3d7c7b51b189e8ef0ed5aa645b15ac8c
dde42e8dd7ff1c925645f81d4a3301530035f1e8140bc24214d86f54e1824e5a
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72540b4318ece9424f68e731a6996392ef8a397d443a8ca12af59bc2df7998c
e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152
e8e7f25e76923cdf5e3b0bbc96fab3e8d08575d2f87c478e23fb8e98530a9d90
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee46d0b151ef7aa74e2403064f99f660bef866b383962af69ee02e5adfc5d729
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd4594b8e2a6fb9d83c3efee52a4b042ea8681d6b97e64c34ec2630c65a006b
f3779f5586454c26dd37e8267e0d0776fba8567a8930229f2d754b0b690f0e72
f3c879914d9a82ab04ab0c71a0742118ce04a623adafef82fc991e10ce0e1adc
f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffd727eb8200be7e3c957386a2e2bd9dc7ccc07cd84073f576eb631acd57d855

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

291 Requests

87 %HTTPS

0 %IPv6

42 Domains

78 Subdomains

59 IPs

10 Countries

4277 kBTransfer

11418 kBSize

23 Cookies

28 Outgoing links

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

87 %
HTTPS

0 %
IPv6

42
Domains

78
Subdomains

59
IPs

10
Countries

4277 kB
Transfer

11418 kB
Size

23
Cookies

291 HTTP transactions
4 data transactions